Network Working Group                                       C. DeSanti
Request for Comments: 5324                                    F. Maino
Category: Standards Track                                K. McCloghrie
                                                         Cisco Systems
                                                        September 2008
        
Network Working Group                                       C. DeSanti
Request for Comments: 5324                                    F. Maino
Category: Standards Track                                K. McCloghrie
                                                         Cisco Systems
                                                        September 2008
        

MIB for Fibre-Channel Security Protocols (FC-SP)

用于光纤通道安全协议(FC-SP)的MIB

Status of This Memo

关于下段备忘

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。

Abstract

摘要

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for information related to FC-SP, the Security Protocols defined for Fibre Channel.

此备忘录定义了管理信息库(MIB)的一部分,用于Internet社区中的网络管理协议。特别是,它描述了与FC-SP(为光纤通道定义的安全协议)相关信息的托管对象。

Table of Contents

目录

   1. Introduction ....................................................3
   2. The Internet-Standard Management Framework ......................3
   3. Overview of Fibre Channel .......................................3
      3.1. Introduction ...............................................3
      3.2. Zoning .....................................................4
      3.3. Virtual Fabrics ............................................5
      3.4. Security ...................................................5
           3.4.1. Authentication ......................................5
           3.4.2. Security Associations ...............................6
           3.4.3. Fabric Security Policies ............................7
           3.4.4. Policy Model ........................................8
           3.4.5. Policy Objects ......................................9
                  3.4.5.1. Policy Object Names .......................10
           3.4.6. Three Kinds of Switches ............................10
           3.4.7. Security Policy Management .........................11
           3.4.8. FC-SP Zoning .......................................11
   4. Document Overview ..............................................12
      4.1. Fibre Channel Management Instance .........................12
      4.2. Entity Name ...............................................12
      4.3. Fabric Index ..............................................13
      4.4. Interface Index ...........................................13
      4.5. Syntax for Policy Object Names ............................14
        
   1. Introduction ....................................................3
   2. The Internet-Standard Management Framework ......................3
   3. Overview of Fibre Channel .......................................3
      3.1. Introduction ...............................................3
      3.2. Zoning .....................................................4
      3.3. Virtual Fabrics ............................................5
      3.4. Security ...................................................5
           3.4.1. Authentication ......................................5
           3.4.2. Security Associations ...............................6
           3.4.3. Fabric Security Policies ............................7
           3.4.4. Policy Model ........................................8
           3.4.5. Policy Objects ......................................9
                  3.4.5.1. Policy Object Names .......................10
           3.4.6. Three Kinds of Switches ............................10
           3.4.7. Security Policy Management .........................11
           3.4.8. FC-SP Zoning .......................................11
   4. Document Overview ..............................................12
      4.1. Fibre Channel Management Instance .........................12
      4.2. Entity Name ...............................................12
      4.3. Fabric Index ..............................................13
      4.4. Interface Index ...........................................13
      4.5. Syntax for Policy Object Names ............................14
        
      4.6. Certificates, CAs, and CRLs ...............................14
      4.7. Traffic Selectors .........................................15
      4.8. The MIB Modules ...........................................16
           4.8.1. The T11-FC-SP-TC-MIB Module ........................16
           4.8.2. The T11-FC-SP-AUTHENTICATION-MIB Module ............16
           4.8.3. The T11-FC-SP-ZONING-MIB Module ....................16
           4.8.4. The T11-FC-SP-POLICY-MIB Module ....................17
           4.8.5. The T11-FC-SP-SA-MIB Module ........................17
      4.9. Rate Control for Notifications ............................18
   5. Relationship to Other MIB Modules ..............................19
   6. MIB Module Definitions .........................................20
      6.1. The T11-FC-SP-TC-MIB Module ...............................20
      6.2. The T11-FC-SP-AUTHENTICATION-MIB Module ...................33
      6.3. The T11-FC-SP-ZONING-MIB Module ...........................52
      6.4. The T11-FC-SP-POLICY-MIB Module ...........................64
      6.5. The T11-FC-SP-SA-MIB Module ..............................152
   7. IANA Considerations ...........................................204
   8. Security Considerations .......................................204
      8.1. Information Not Defined in This Document .................204
      8.2. The T11-FC-SP-TC-MIB Module ..............................204
      8.3. The T11-FC-SP-AUTHENTICATION-MIB Module ..................205
      8.4. The T11-FC-SP-ZONING-MIB Module ..........................206
      8.5. The T11-FC-SP-POLICY-MIB Module ..........................207
      8.6. The T11-FC-SP-SA-MIB Module ..............................209
      8.7. Recommendations Common to All MIB Modules ................211
   9. Normative References ..........................................212
   10. Informative References .......................................213
   11. Acknowledgements .............................................215
        
      4.6. Certificates, CAs, and CRLs ...............................14
      4.7. Traffic Selectors .........................................15
      4.8. The MIB Modules ...........................................16
           4.8.1. The T11-FC-SP-TC-MIB Module ........................16
           4.8.2. The T11-FC-SP-AUTHENTICATION-MIB Module ............16
           4.8.3. The T11-FC-SP-ZONING-MIB Module ....................16
           4.8.4. The T11-FC-SP-POLICY-MIB Module ....................17
           4.8.5. The T11-FC-SP-SA-MIB Module ........................17
      4.9. Rate Control for Notifications ............................18
   5. Relationship to Other MIB Modules ..............................19
   6. MIB Module Definitions .........................................20
      6.1. The T11-FC-SP-TC-MIB Module ...............................20
      6.2. The T11-FC-SP-AUTHENTICATION-MIB Module ...................33
      6.3. The T11-FC-SP-ZONING-MIB Module ...........................52
      6.4. The T11-FC-SP-POLICY-MIB Module ...........................64
      6.5. The T11-FC-SP-SA-MIB Module ..............................152
   7. IANA Considerations ...........................................204
   8. Security Considerations .......................................204
      8.1. Information Not Defined in This Document .................204
      8.2. The T11-FC-SP-TC-MIB Module ..............................204
      8.3. The T11-FC-SP-AUTHENTICATION-MIB Module ..................205
      8.4. The T11-FC-SP-ZONING-MIB Module ..........................206
      8.5. The T11-FC-SP-POLICY-MIB Module ..........................207
      8.6. The T11-FC-SP-SA-MIB Module ..............................209
      8.7. Recommendations Common to All MIB Modules ................211
   9. Normative References ..........................................212
   10. Informative References .......................................213
   11. Acknowledgements .............................................215
        
1. Introduction
1. 介绍

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for information concerning the Fibre Channel Security Protocols (FC-SP), as specified in [FC-SP]. The FC-SP standard includes the definition of protocols to authenticate Fibre Channel entities, protocols to set up session keys, protocols to negotiate the parameters required to ensure frame-by-frame integrity and confidentiality, and protocols to establish and distribute policies across a Fibre Channel Fabric.

此备忘录定义了管理信息库(MIB)的一部分,用于Internet社区中的网络管理协议。特别是,它描述了[FC-SP]中指定的有关光纤通道安全协议(FC-SP)信息的托管对象。FC-SP标准包括用于验证光纤通道实体的协议定义、用于设置会话密钥的协议、用于协商确保逐帧完整性和机密性所需参数的协议,以及用于在光纤通道结构中建立和分发策略的协议。

This memo was initially developed by the INCITS T11 committee (http://www.t11.org), which subsequently approved it for forwarding to the IETF.

本备忘录最初由INCITS T11委员会编制(http://www.t11.org),随后批准将其转发给IETF。

This memo uses one of the following terms:

本备忘录使用以下术语之一:

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119].

本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照BCP 14、RFC 2119[RFC2119]中的说明进行解释。

2. The Internet-Standard Management Framework
2. 因特网标准管理框架

For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].

有关描述当前互联网标准管理框架的文件的详细概述,请参阅RFC 3410[RFC3410]第7节。

Managed objects are accessed via a virtual information store, termed the Management Information Base, or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579], and STD 58, RFC 2580 [RFC2580].

托管对象通过虚拟信息存储(称为管理信息库或MIB)进行访问。MIB对象通常通过简单网络管理协议(SNMP)进行访问。MIB中的对象是使用管理信息结构(SMI)中定义的机制定义的。本备忘录规定了符合SMIv2的MIB模块,如STD 58、RFC 2578[RFC2578]、STD 58、RFC 2579[RFC2579]和STD 58、RFC 2580[RFC2580]所述。

3. Overview of Fibre Channel
3. 光纤通道概述
3.1. Introduction
3.1. 介绍

Fibre Channel (FC) is logically a bidirectional point-to-point serial data channel, structured for high performance. Fibre Channel provides a general transport vehicle for higher-level protocols such as Small Computer System Interface (SCSI) command sets, the High-Performance Parallel Interface (HIPPI) data framing, IP (Internet Protocol), IEEE 802.2, and others.

光纤通道(FC)在逻辑上是一种双向点对点串行数据通道,其结构旨在实现高性能。光纤通道为高级协议(如小型计算机系统接口(SCSI)命令集、高性能并行接口(HIPI)数据帧、IP(Internet协议)、IEEE 802.2等)提供了通用传输工具。

Physically, Fibre Channel is an interconnection of multiple communication points, called N_Ports, interconnected either by a switching network, called a Fabric, or by a point-to-point link. A Fibre Channel "Node" consists of one or more N_Ports. A Fabric may consist of multiple Interconnect Elements, some of which are Switches. An N_Port connects to the Fabric via a port on a Switch called an F_Port. When multiple FC Nodes are connected to a single port on a Switch via an "Arbitrated Loop" topology, the Switch port is called an FL_Port, and the Nodes' ports are called NL_Ports. The term Nx_Port is used to refer to either an N_Port or an NL_Port. The term Fx_Port is used to refer to either an F_Port or an FL_Port. A Switch port, which is interconnected to another Switch port via an Inter-Switch Link (ISL), is called an E_Port. A B_Port connects a bridge device with an E_Port on a Switch; a B_Port provides a subset of E_Port functionality.

从物理上讲,光纤通道是多个通信点(称为N_端口)的互连,这些通信点通过交换网络(称为结构)或点到点链路互连。光纤通道“节点”由一个或多个N_端口组成。一个结构可以由多个互连元件组成,其中一些是交换机。N_端口通过交换机上称为F_端口的端口连接到结构。当多个FC节点通过“仲裁环路”拓扑连接到交换机上的单个端口时,交换机端口称为FL_端口,节点的端口称为NL_端口。术语Nx_端口用于指N_端口或NL_端口。术语Fx_端口用于指F_端口或FL_端口。通过交换机间链路(ISL)与另一个交换机端口互连的交换机端口称为E_端口。B_端口将桥接设备与交换机上的E_端口连接起来;B_端口提供E_端口功能的子集。

Many Fibre Channel components, including the Fabric, each Node, and most ports, have globally unique names. These globally unique names are typically formatted as World Wide Names (WWNs). More information on WWNs can be found in [FC-FS-2]. WWNs are expected to be persistent across agent and unit resets.

许多光纤通道组件(包括光纤网、每个节点和大多数端口)具有全局唯一的名称。这些全局唯一的名称通常格式化为全球通用名称(WWN)。有关WWN的更多信息,请参见[FC-FS-2]。WWN预计将在代理和单元重置之间保持不变。

Fibre Channel frames contain 24-bit address identifiers that identify the frame's source and destination ports. Each FC port has both an address identifier and a WWN. When a Fabric is in use, the FC address identifiers are dynamic and are assigned by a Switch. Each octet of a 24-bit address represents a level in an address hierarchy, with a Domain_ID being the highest level of the hierarchy.

光纤通道帧包含24位地址标识符,用于标识帧的源端口和目标端口。每个FC端口都有地址标识符和WWN。在使用结构时,FC地址标识符是动态的,由交换机分配。24位地址的每个八位字节表示地址层次结构中的一个级别,域ID是层次结构中的最高级别。

3.2. Zoning
3.2. 分区

Zones within a Fabric provide a mechanism to control frame delivery between Nx_Ports ("Hard Zoning") or to expose selected views of Name Server information ("Soft Zoning").

结构中的分区提供了一种机制来控制Nx_端口之间的帧传递(“硬分区”)或公开名称服务器信息的选定视图(“软分区”)。

Communication is only possible when the communicating endpoints are members of a common zone. This technique is similar to virtual private networks in that the Fabric has the ability to group devices into Zones.

只有当通信端点是公共区域的成员时,才可能进行通信。这种技术类似于虚拟专用网络,因为该结构能够将设备分组到区域中。

Hard zoning and soft zoning are two different means of realizing this. Hard zoning is enforced in the Fabric (i.e., Switches), whereas soft zoning is enforced at the endpoints (e.g., Host Bus Adapters) by relying on the endpoints to not send traffic to an N_Port_ID not obtained from the Name Server with a few exceptions for well known Addresses (e.g., the Name Server).

硬分区和软分区是实现这一点的两种不同方式。硬分区是在结构(即交换机)中实施的,而软分区是在端点(例如主机总线适配器)上实施的,方法是依靠端点不将流量发送到不是从名称服务器获得的N_端口ID,已知地址(例如名称服务器)除外。

Administrators create Zones to increase network security, and prevent data loss or corruption, by controlling access between devices or user groups.

管理员通过控制设备或用户组之间的访问来创建区域以提高网络安全性,并防止数据丢失或损坏。

3.3. Virtual Fabrics
3.3. 虚拟结构

The standard for an interconnecting Fabric containing multiple Fabric Switch elements is [FC-SW-4]. [FC-SW-4] carries forward the earlier specification for the operation of a single Fabric in a physical infrastructure, and augments it with the definition of Virtual Fabrics and with the specification of how multiple Virtual Fabrics can operate within one or more physical infrastructures. The use of Virtual Fabrics provides for each frame to be tagged in its header to indicate which one of several Virtual Fabrics that frame is being transmitted on. All frames entering a particular "Core Switch" [FC-SW-4] (i.e., a physical Switch) on the same Virtual Fabric are processed by the same "Virtual Switch" within that Core Switch.

包含多个结构交换机元件的互连结构的标准为[FC-SW-4]。[FC-SW-4]继承了物理基础设施中单个结构操作的早期规范,并通过虚拟结构的定义以及多个虚拟结构如何在一个或多个物理基础设施中操作的规范对其进行了补充。虚拟结构的使用为每个帧提供了在其标头中标记的功能,以指示该帧在多个虚拟结构中的哪一个上传输。进入同一虚拟结构上特定“核心交换机”[FC-SW-4](即物理交换机)的所有帧都由该核心交换机内的同一“虚拟交换机”处理。

3.4. Security
3.4. 安全

The Fibre Channel Security Protocols (FC-SP) standard [FC-SP] describes the protocols used to implement security in a Fibre Channel Fabric, including the definition of:

光纤通道安全协议(FC-SP)标准[FC-SP]描述了用于在光纤通道结构中实现安全性的协议,包括以下定义:

- protocols to authenticate Fibre Channel entities,

- 用于验证光纤通道实体的协议,

- protocols to set up session keys,

- 设置会话密钥的协议,

- protocols to negotiate the parameters required to ensure frame-by-frame integrity and confidentiality, and

- 协商确保逐帧完整性和机密性所需参数的协议,以及

- protocols to establish and distribute (security) policies across a Fibre Channel Fabric.

- 跨光纤通道结构建立和分发(安全)策略的协议。

3.4.1. Authentication
3.4.1. 认证

Two entities may negotiate whether authentication is required and which Authentication Protocol is to be used. Authentication can be used in Switch-to-Switch, Node-to-Switch, and Node-to-Node communication. The defined Authentication Protocols are able to perform mutual authentication with optional shared key establishment. The shared key computed at the end of an Authentication Transaction may be used to establish Security Associations.

两个实体可以协商是否需要身份验证以及使用哪个身份验证协议。身份验证可用于交换机到交换机、节点到交换机和节点到节点通信。定义的认证协议能够使用可选的共享密钥建立执行相互认证。在认证事务结束时计算的共享密钥可用于建立安全关联。

The Fabric security architecture is defined for several authentication infrastructures. Secret-based, certificate-based, and password-based authentication infrastructures are accommodated. Specific authentication protocols that directly leverage these three authentication infrastructures are defined.

结构安全体系结构是为多个身份验证基础架构定义的。支持基于秘密、基于证书和基于密码的身份验证基础架构。定义了直接利用这三种身份验证基础结构的特定身份验证协议。

With a secret-based infrastructure, entities within the Fabric environment that establish a security relationship share a common secret or centralize the secret administration in an external (e.g., RADIUS [RFC2865], Diameter [RFC3588], or Terminal Access Controller Access Control System (TACACS) [RFC1492]) server. Entities may mutually authenticate with other entities by using the Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) [FC-SP]. Security Associations may be set up using the session key computed at the end of the DH-CHAP transaction.

通过基于秘密的基础设施,结构环境中建立安全关系的实体共享公共秘密或将秘密管理集中在外部(例如RADIUS[RFC2865]、Diameter[RFC3588]或终端访问控制器访问控制系统(TACACS)[RFC1492])服务器中。实体可通过使用Diffie-Hellman质询握手认证协议(DH-CHAP)[FC-SP]与其他实体相互认证。可以使用DH-CHAP事务结束时计算的会话密钥建立安全关联。

With a certificate-based infrastructure, entities within the Fabric environment are certified by a trusted Certificate Authority (CA). The resulting certificates bind each entity to a public-private key pair that may be used to mutually authenticate with other certified entities via the Fibre Channel Certificate Authentication Protocol (FCAP) [FC-SP]. Security Associations may be set up by using these entity certificates and associated keys or by using the session key computed at the end of the FCAP transaction.

通过基于证书的基础结构,结构环境中的实体由可信证书颁发机构(CA)进行认证。生成的证书将每个实体绑定到一个公私密钥对,该密钥对可用于通过光纤通道证书认证协议(FCAP)[FC-SP]与其他认证实体相互认证。可以通过使用这些实体证书和相关联的密钥或通过使用在FCAP事务结束时计算的会话密钥来建立安全关联。

With a password-based infrastructure, entities within the Fabric environment that establish a security relationship have knowledge of the password-based credential material of other entities. Entities may use this credential material to mutually authenticate with other entities using the Fibre Channel Password Authentication Protocol (FCPAP) [FC-SP]. Security Associations may be set up using the session key computed at the end of the FCPAP transaction.

通过基于密码的基础架构,结构环境中建立安全关系的实体了解其他实体的基于密码的凭证材料。实体可以使用此凭证材料使用光纤通道密码认证协议(FCPAP)[FC-SP]与其他实体相互认证。可以使用在FCPAP事务结束时计算的会话密钥建立安全关联。

In addition to DH-CHAP, FCAP, and FCPAP, one other Authentication Protocol is defined: Internet Key Exchange Protocol version 2-AUTH (IKEv2-AUTH), which refers to the use of an SA Management Transaction of the Security Association Management Protocol (see below) to perform two functions: not only SA management but also authentication. The credentials used in an IKEv2-AUTH transaction are either strong shared secrets or certificates.

除了DH-CHAP、FCAP和FCPAP之外,还定义了另一个身份验证协议:Internet密钥交换协议版本2-AUTH(IKEv2 AUTH),它指的是使用安全关联管理协议(见下文)的SA管理事务来执行两个功能:不仅SA管理,而且身份验证。IKEv2身份验证事务中使用的凭据是强共享机密或证书。

3.4.2. Security Associations
3.4.2. 安全协会

A subset of the IKEv2 protocol [RFC4306] suitable for Fibre Channel is defined as the (Fibre Channel) Security Association Management protocol [RFC4595]. This protocol -- which is *not* IPsec -- provides the means to establish Security Associations (SAs) between Fibre Channel entities. Traffic Selectors are defined to specify

适用于光纤通道的IKEv2协议[RFC4306]的子集被定义为(光纤通道)安全关联管理协议[RFC4595]。此协议(不是IPsec)提供了在光纤通道实体之间建立安全关联(SA)的方法。流量选择器定义为指定

which type of traffic has to be protected by which SA, and what the characteristics of the protection are. Two mechanisms are available to protect specific classes of traffic:

哪种类型的流量必须由哪种SA进行保护,以及保护的特征是什么。有两种机制可用于保护特定类别的流量:

- ESP_Header is used to protect FC-2 frames (see [FC-FS-2] and the conceptually similar mechanisms in [RFC4303]), and

- ESP_头用于保护FC-2帧(参见[FC-FS-2]和[RFC4303]中概念上类似的机制),以及

- CT_Authentication is used to protect CT_IUs (Common Transport Information Units) [FC-GS-5].

- CT_认证用于保护CT_IUs(通用传输信息单元)[FC-GS-5]。

An entity protecting specific classes of traffic maintains an internal Security Association Database (SADB) that contains the currently active Security Associations and Traffic Selectors.

保护特定流量类别的实体维护一个内部安全关联数据库(SADB),其中包含当前活动的安全关联和流量选择器。

Each active SA has a Security Association entry in the SADB. Each SA entry includes the SA's SPI (the Security Parameters Index, which is included in frames transmitted on the SA), a Sequence Number counter, and the parameters for the selected transforms (e.g., encryption algorithm, integrity algorithm, mode of operation of the algorithms, keys).

每个活动SA在SADB中都有一个安全关联条目。每个SA条目包括SA的SPI(安全参数索引,包括在SA上传输的帧中)、序列号计数器和所选转换的参数(例如,加密算法、完整性算法、算法的操作模式、密钥)。

Each active Traffic Selector has an entry in the SADB that indicates whether it is used for ingress traffic or for egress traffic. These Traffic Selector entries are ordered such that they are searched (when checking for a match) in the given order. Two types of Traffic Selector entries may be present:

每个活动流量选择器在SADB中都有一个条目,指示它是用于入口流量还是用于出口流量。对这些流量选择器条目进行排序,以便(在检查匹配项时)按给定顺序对其进行搜索。可能存在两种类型的交通选择器条目:

- Traffic Selector entries identifying FC-2 frames or CT_IUs to be bypassed or discarded; and

- 识别要绕过或丢弃的FC-2帧或CT_IUs的流量选择器条目;和

- Traffic Selector entries identifying FC-2 frames or CT_IUs to be protected or verified. These entries point to the corresponding SA entry defining the parameters and the security processing to be performed.

- 识别要保护或验证的FC-2帧或CT_IUs的流量选择器条目。这些条目指向定义要执行的参数和安全处理的相应SA条目。

SAs are unidirectional, but they always exist as an SA pair of the same type, one in each direction.

SA是单向的,但它们始终作为相同类型的SA对存在,每个方向一个。

3.4.3. Fabric Security Policies
3.4.3. 结构安全策略

Two separate approaches to defining Policies are adopted in FC-SP, but both approaches follow the same general concept for their Policy model. One is the definition of a Policy Model for Fabric Policies that focus on Security. These Security Policies specify the membership and connectivity allowed within a Fabric, and also which IP hosts are allowed to manage a Fabric.

FC-SP中采用了两种不同的策略定义方法,但这两种方法的策略模型遵循相同的一般概念。一个是为关注安全性的结构策略定义策略模型。这些安全策略指定结构中允许的成员资格和连接,以及允许哪些IP主机管理结构。

The other approach is to define a variant of the Enhanced Zoning model defined in [FC-SW-4] and [FC-GS-5], such that the variant specifies extensions for use in a secure environment. This variant of Zoning, denoted as "FC-SP Zoning", follows the same general concepts of the Policy model for Security Policies, but keeps Zoning management and enforcement completely independent from the management and enforcement of other policies.

另一种方法是定义[FC-SW-4]和[FC-GS-5]中定义的增强分区模型的变体,以便该变体指定在安全环境中使用的扩展。此分区变体(表示为“FC-SP分区”)遵循与安全策略策略模型相同的一般概念,但使分区管理和实施完全独立于其他策略的管理和实施。

3.4.4. Policy Model
3.4.4. 策略模型

Figure 25 of [FC-SP] depicts FC-SP's policy management model like this:

[FC-SP]的图25描述了FC-SP的策略管理模型,如下所示:

   *****          ************************
   *   *          *  Policy              *    *********************
   * M *  Add,    *  Configuration       *    * Policy            *
   * A *  Get,    *  Entity              *    * Enforcement       *
   * N *  Remove  *                      *    * Entity            *
   * A *  Policy  *  +----------------+  *    *                   *
   * G *  Objects *  | Non-Active     |  *    *  +-------------+  *
   * I *<-------->*  | Policy Objects |==*====*=>| Active      |  *
   * N *          *  +----------------+  *    *  | Policy      |  *
   * G *          ************************    *  | Objects     |  *
   *   *                                      *  +-------------+  *
   *   *              Activate Policy Summary *                   *
   * E *=====================================>*  +-------------+  *
   * N *            Deactivate Policy Summary *  | Policy      |  *
   * T *=====================================>*  | Summary     |  *
   * I *                                      *  | Object      |  *
   * T *            Get Policy Summary        *  +-------------+  *
   * Y *<-------------------------------------*                   *
   *   *            Get Policy Objects        *                   *
   *   *<-------------------------------------*                   *
   *****                                      *********************
        
   *****          ************************
   *   *          *  Policy              *    *********************
   * M *  Add,    *  Configuration       *    * Policy            *
   * A *  Get,    *  Entity              *    * Enforcement       *
   * N *  Remove  *                      *    * Entity            *
   * A *  Policy  *  +----------------+  *    *                   *
   * G *  Objects *  | Non-Active     |  *    *  +-------------+  *
   * I *<-------->*  | Policy Objects |==*====*=>| Active      |  *
   * N *          *  +----------------+  *    *  | Policy      |  *
   * G *          ************************    *  | Objects     |  *
   *   *                                      *  +-------------+  *
   *   *              Activate Policy Summary *                   *
   * E *=====================================>*  +-------------+  *
   * N *            Deactivate Policy Summary *  | Policy      |  *
   * T *=====================================>*  | Summary     |  *
   * I *                                      *  | Object      |  *
   * T *            Get Policy Summary        *  +-------------+  *
   * Y *<-------------------------------------*                   *
   *   *            Get Policy Objects        *                   *
   *   *<-------------------------------------*                   *
   *****                                      *********************
        

Note that the arrows in the picture above are used to indicate the movement of "data", rather than the direction of "messages", e.g., for a "Get" (with no data) in one direction which invokes a "Response" (typically with data) in the reverse direction, the diagram has arrows only for the "with data" direction.

请注意,上图中的箭头用于指示“数据”的移动,而不是“消息”的方向,例如,对于一个方向上的“获取”(无数据)调用相反方向上的“响应”(通常有数据),图表中的箭头仅用于“有数据”方向。

3.4.5. Policy Objects
3.4.5. 策略对象

The Policies to be enforced by a Fabric are specified in a set of Policy Objects. The various types of Policy Objects are:

结构要强制执行的策略在一组策略对象中指定。各种类型的策略对象包括:

- The Policy Summary Object is a list of pointers to other Policy Objects, one pointer per each other active Policy Object. Each pointer in a Policy Summary Object is paired with a cryptographic hash of the referenced Policy Object.

- 策略摘要对象是指向其他策略对象的指针列表,每个活动策略对象一个指针。策略摘要对象中的每个指针都与所引用策略对象的加密哈希配对。

- The Switch Membership List Object is a Fabric-wide Policy Object that defines which Switches are allowed to be part of a Fabric.

- 交换机成员列表对象是一个结构范围的策略对象,它定义了允许哪些交换机成为结构的一部分。

- The Node Membership List Object is a Fabric-wide Policy Object that defines which Nodes are allowed to be connected to a Fabric.

- 节点成员资格列表对象是一个结构范围的策略对象,用于定义允许哪些节点连接到结构。

- The IP Management List Object is a Fabric-wide Policy Object that describes which IP hosts are allowed to manage a Fabric.

- IP管理列表对象是一个结构范围的策略对象,描述允许哪些IP主机管理结构。

- A Switch Connectivity Object is a per-Switch Policy Object that describes the topology restrictions for a specific Switch; it specifies the other Switches or Nodes to which the particular Switch may be connected at the Node level and/or at the Port level.

- 交换机连接对象是描述特定交换机拓扑限制的每交换机策略对象;它指定特定交换机可能在节点级别和/或端口级别连接到的其他交换机或节点。

- Attribute Objects are Fabric-wide Policy Objects that define optional attributes to be associated with Switches or Nodes. They allow the extension of this policy model by defining new attributes as required.

- 属性对象是结构范围的策略对象,定义与交换机或节点关联的可选属性。它们允许通过根据需要定义新属性来扩展此策略模型。

Note that the administratively specified name for a Fabric is contained in the Switch Membership List Object (not in the Policy Summary Object).

请注意,结构的管理指定名称包含在交换机成员资格列表对象中(而不是策略摘要对象中)。

When FC-SP is in use, each Fabric has a set of active Policy Objects:

使用FC-SP时,每个结构都有一组活动策略对象:

- one Policy Summary Object,

- 一个策略摘要对象,

- one Switch Membership List Object,

- 一个交换机成员列表对象,

- one Node Membership List Object,

- 一个节点成员列表对象,

- one IP Management List Object,

- 一个IP管理列表对象,

- zero or more Switch Connectivity Objects, and

- 零个或多个交换机连接对象,以及

- zero or more Attribute Objects.

- 零个或多个属性对象。

The active Policy Objects specify the Policies currently being enforced. In addition, policies not currently being enforced are contained in non-active Policy Objects. To change the active Policy Objects, the non-active Policy Objects are edited as necessary and a new Policy Summary Object that includes/references the changed Policy Objects is activated.

活动策略对象指定当前正在实施的策略。此外,当前未强制执行的策略包含在非活动策略对象中。若要更改活动策略对象,将根据需要编辑非活动策略对象,并激活一个包含/引用已更改策略对象的新策略摘要对象。

3.4.5.1. Policy Object Names
3.4.5.1. 策略对象名称

Every Policy Object has a name. In a Fabric's database of Policy Objects, a Policy Object Name is specified as a type/length/value (see section 7.2 of [FC-SP]). The possible types are:

每个策略对象都有一个名称。在结构的策略对象数据库中,策略对象名称被指定为类型/长度/值(请参见[FC-SP]第7.2节)。可能的类型有:

- Node_Name

- 节点名称

- Restricted Node_Name

- 受限节点名称

- Port_Name

- 港口名称

- Restricted Port_Name

- 受限端口名称

- Wildcard

- 通配符

- Negated Wildcard

- 否定通配符

- Alphanumeric Name

- 字母数字名称

- IPv6 Address Range

- IPv6地址范围

- IPv4 Address Range

- IPv4地址范围

3.4.6. Three Kinds of Switches
3.4.6. 三种开关

For a Fabric composed of n Switches and m Nodes, the potential complexity of Switch Connectivity Objects is O(n**2) to describe Switch to Switch connections, and O(n*m) for Switch to Node connections. To provide better scaling, the Switch Connectivity Objects are not Fabric-wide information, but are distributed only to where they are needed. To support this, the policy model supports three kinds of Switches in a Fabric:

对于由n个交换机和m个节点组成的结构,交换机连接对象的潜在复杂性是O(n**2)来描述交换机到交换机的连接,O(n*m)来描述交换机到节点的连接。为了提供更好的可伸缩性,交换机连接对象不是结构范围的信息,而是仅分布到需要它们的地方。为了支持这一点,策略模型在结构中支持三种交换机:

- Server Switches, which maintain the Fabric-wide Policy Objects, all the Switch Connectivity Objects, and a full copy of the FC-SP Zoning Database;

- 服务器交换机,用于维护结构范围的策略对象、所有交换机连接对象以及FC-SP分区数据库的完整副本;

- Autonomous Switches, which maintain the Fabric-wide Policy Objects, their own Switch Connectivity Object, and a full copy of the FC-SP Zoning Database; and

- 自治交换机,维护结构范围的策略对象、它们自己的交换机连接对象以及FC-SP分区数据库的完整副本;和

- Client Switches, which maintain the Fabric-wide Policy Objects, their own Switch Connectivity Object, and a subset of the FC-SP Active Zone Set (which is the configurations of zones currently being enforced by a Fabric, see section 10.4.3.3 of [FC-SW-4]).

- 客户端交换机,维护结构范围的策略对象、它们自己的交换机连接对象和FC-SP活动区域集的子集(这是结构当前正在实施的区域配置,请参见[FC-SW-4]第10.4.3.3节)。

3.4.7. Security Policy Management
3.4.7. 安全策略管理

Security Policy can be changed in a server session [FC-GS-5] with a Security Policy Server. All write access to a Security Policy Server occurs within a server session. While read access to a Security Policy Server may occur at any time, the consistency of the returned data is guaranteed only inside a server session.

可以在具有安全策略服务器的服务器会话[FC-GS-5]中更改安全策略。对安全策略服务器的所有写访问都发生在服务器会话中。尽管对安全策略服务器的读取访问可能随时发生,但返回数据的一致性仅在服务器会话内得到保证。

The Enhanced Commit Service [FC-SW-4] is used to perform Fabric operations as and when necessary (see table 144 of [FC-SP]). Many of these operations are named as if they were acronyms, e.g., SSB for Server Session Begin; SSE for Server Session End; SW_ILS for Switch Fabric Internal Link Services; EACA for Enhanced Acquire Change Authorization; ERCA for Enhanced Release Change Authorization; SFC for Stage Fabric Configuration.

增强提交服务[FC-SW-4]用于在必要时执行结构操作(参见[FC-SP]的表144)。这些操作中的许多操作被命名为首字母缩略词,例如,服务器会话开始的SSB;用于服务器会话结束的SSE;交换结构内部链路服务的SW_ILS;EACA,用于增强获取变更授权;增强发布变更授权的ERCA;SFC用于舞台结构配置。

Each server session begins and ends, with a SSB request and a SSE request respectively, sent to a Security Policy Server. In the Fabric, the SSB requests a lock of the Fabric via an EACA SW_ILS, while the SSE requests a release of the lock via the ERCA SW_ILS [FC-SW-4]. Active and non-active Policy Objects are persistent in that they survive after the end of a server session.

每个服务器会话开始和结束时,分别向安全策略服务器发送一个SSB请求和一个SSE请求。在结构中,SSB通过EACA SW_ILS请求结构锁,而SSE通过ERCA SW_ILS请求释放锁[FC-SW-4]。活动和非活动策略对象是持久的,因为它们在服务器会话结束后仍然存在。

3.4.8. FC-SP Zoning
3.4.8. FC-SP分区

To preserve backward compatibility with existing Zoning definitions and implementations, FC-SP Zoning is defined as a variant of the Enhanced Zoning model defined in [FC-SW-4] and [FC-GS-5] that follows the general concepts of the Policy model for Security Policy Management, but keeps Zoning management and enforcement completely independent.

为保持与现有分区定义和实施的向后兼容性,FC-SP分区定义为[FC-SW-4]和[FC-GS-5]中定义的增强分区模型的变体,该模型遵循安全策略管理策略模型的一般概念,但保持分区管理和实施完全独立。

FC-SP Zoning allows for some Switches to retain less than a complete replicated copy of the Zoning Database, as follows:

FC-SP分区允许某些交换机保留分区数据库的完整复制副本,如下所示:

- Server Switches maintain the policies data structures for all Switches in the Fabric plus a replica of the Zoning data structures;

- 服务器交换机维护结构中所有交换机的策略数据结构以及分区数据结构的副本;

- Autonomous Switches maintain only the subset of policies data structures relevant for their operations plus a replica of the Zoning Database; and

- 自治交换机仅维护与其操作相关的策略数据结构子集以及分区数据库的副本;和

- Client Switches maintain only the subset of policies data structures and the subset of the Active Zone Set relevant for their operations.

- 客户端交换机仅维护策略数据结构的子集以及与其操作相关的活动区域集的子集。

When Client Switches are deployed in a Fabric, at least one Server Switch must also be deployed in the same Fabric. A client-server protocol allows Client Switches to dynamically retrieve the Zoning information they may require from the Server Switches.

在结构中部署客户端交换机时,必须在同一结构中至少部署一个服务器交换机。客户端-服务器协议允许客户端交换机从服务器交换机动态检索它们可能需要的分区信息。

A management application manages the Fabric Zoning configuration through the Fabric Zone Server, while other policies are managed through the Security Policy Server. A new Zoning Check Protocol replaces the Zone Merge Protocol [FC-SW-4], and new command codes are defined for the SFC SW_ILS to distribute the FC-SP Zoning configuration on a Fabric. The Zoning definitions are ordered to allow for the computation of a hash of the Active Zone Set and a hash of the Zone Set Database, plus other optional security data (e.g., for integrity protection of Zoning information).

管理应用程序通过结构区域服务器管理结构分区配置,而其他策略则通过安全策略服务器进行管理。新的分区检查协议取代了分区合并协议[FC-SW-4],并为SFC SW_ILS定义了新的命令代码,以在结构上分发FC-SP分区配置。分区定义的顺序允许计算活动分区集的散列和分区集数据库的散列,以及其他可选安全数据(例如,分区信息的完整性保护)。

4. Document Overview
4. 文件概述

This document defines five MIB modules that together provide the means for monitoring the operation of, and configuring some parameters of, one or more instances of the FC-SP protocols.

本文档定义了五个MIB模块,它们共同提供了监控FC-SP协议一个或多个实例的操作和配置其某些参数的方法。

4.1. Fibre Channel Management Instance
4.1. 光纤通道管理实例

A Fibre Channel management instance is defined in [RFC4044] as a separable managed instance of Fibre Channel functionality. Fibre Channel functionality may be grouped into Fibre Channel management instances in whatever way is most convenient for the implementation(s). For example, one such grouping accommodates a single SNMP agent having multiple AgentX [RFC2741] sub-agents, with each sub-agent implementing a different Fibre Channel management instance.

[RFC4044]中将光纤通道管理实例定义为光纤通道功能的可分离托管实例。光纤通道功能可以以对实施最方便的方式分组到光纤通道管理实例中。例如,一个这样的分组容纳具有多个AgentX[RFC2741]子代理的单个SNMP代理,每个子代理实现不同的光纤通道管理实例。

The object, fcmInstanceIndex, is IMPORTed from the FC-MGMT-MIB [RFC4044] as the index value to uniquely identify each Fibre Channel management instance, for example, within the same SNMP context ([RFC3411] section 3.3.1).

对象fcmInstanceIndex作为索引值从FC-MGMT-MIB[RFC4044]导入,以唯一标识每个光纤通道管理实例,例如,在同一SNMP上下文中([RFC3411]第3.3.1节)。

4.2. Entity Name
4.2. 实体名称

A central capability of FC-SP is the use of an Authentication Protocol. The purpose of each of the possible Authentication Protocols is to allow a Fibre Channel entity to be assured of the identity of each entity with which it is communicating. Examples of such entities are Fibre Channel Switches and Fibre Channel Nx_Ports.

FC-SP的核心功能是使用身份验证协议。每种可能的身份验证协议的目的都是允许光纤通道实体确保与其通信的每个实体的身份。此类实体的示例包括光纤通道交换机和光纤通道Nx_端口。

Each entity is identified by a name. The FC-MGMT-MIB [RFC4044] defines MIB objects for such names:

每个实体都由一个名称标识。FC-MGMT-MIB[RFC4044]为以下名称定义MIB对象:

- for entities that are Fibre Channel Switches, the definition of a Fibre Channel management instance allows multiple Switches to be managed by the same Fibre Channel management instance. In this case, each entity is a Switch and has the name given by the MIB object, fcmSwitchWWN.

- 对于作为光纤通道交换机的实体,光纤通道管理实例的定义允许同一光纤通道管理实例管理多个交换机。在本例中,每个实体都是一个交换机,其名称由MIB对象fcmSwitchWWN给定。

- for entities other than Fibre Channel Switches, a Fibre Channel management instance can manage only one entity, and the name of the entity is given by the MIB object, fcmInstanceWwn.

- 对于光纤通道交换机以外的实体,光纤通道管理实例只能管理一个实体,该实体的名称由MIB对象fcmInstanceWwn提供。

4.3. Fabric Index
4.3. 织物指数

With multiple Fabrics, each Fabric has its own instances of the Fabric-related management instrumentation. Thus, these MIB modules define all Fabric-related information in tables that are INDEX-ed by an arbitrary integer, named a "Fabric Index". The syntax of a Fabric Index is T11FabricIndex, imported from T11-TC-MIB [RFC4439]. When a device is connected to a single physical Fabric, without use of any virtual Fabrics, the value of this Fabric Index will always be 1. In an environment of multiple virtual and/or physical Fabrics, this index provides a means to distinguish one Fabric from another.

对于多个结构,每个结构都有其自己的与结构相关的管理工具实例。因此,这些MIB模块在表中定义了所有与结构相关的信息,这些表由一个任意整数(称为“结构索引”)进行索引。结构索引的语法为T11FabricIndex,从T11-TC-MIB[RFC4439]导入。当设备连接到单个物理结构而不使用任何虚拟结构时,此结构索引的值将始终为1。在包含多个虚拟和/或物理结构的环境中,此索引提供了一种将一个结构与另一个结构区分开来的方法。

4.4. Interface Index
4.4. 界面索引

Several of the MIB modules defined in this document use the InterfaceIndexOrZero syntax in order to allow information to be specified/instantiated on a per-port/interface basis, e.g., for: statistics, Traffic Selectors, Security Associations, etc. This allows the same object to be used either when there is a separate row for each of multiple ports/interfaces, or when multiple interfaces are represented by a single row. The use of a zero value supports the simpler cases of: a) when there is only one port/interface, b) where the implementation chooses to aggregate the information for multiple ports/interfaces. The minimum (for compliance) requirement is to implement any one of the above cases.

本文档中定义的几个MIB模块使用InterfaceIndexOrZero语法,以允许在每个端口/接口的基础上指定/实例化信息,例如:统计信息、流量选择器、安全关联、,等。当多个端口/接口中的每一个都有单独的行时,或者当多个接口由一行表示时,这允许使用相同的对象。零值的使用支持以下更简单的情况:a)只有一个端口/接口,b)实现选择聚合多个端口/接口的信息。最低(合规)要求是实施上述任何一种情况。

When a Fabric Index and an object with the InterfaceIndexOrZero syntax are used together in a single INDEX clause, the InterfaceIndexOrZero object is listed before the Fabric Index in order to simplify management queries that retrieve information concerning multiple Fabrics connected to the same port/interface.

当在单个索引子句中同时使用结构索引和具有InterfaceIndexOrZero语法的对象时,InterfaceIndexOrZero对象将列在结构索引之前,以简化检索与连接到同一端口/接口的多个结构有关的信息的管理查询。

4.5. Syntax for Policy Object Names
4.5. 策略对象名称的语法

T11FcSpPolicyNameType and T11FcSpPolicyName are two Textual Conventions defined in this document (in the T11-FC-SP-TC-MIB module) to represent the types and values of Policy Object Names (see section 3.4.5.1 above). However, two of the nine possible types are IPv4 Address Range and IPv6 Address Range. It is standard practice in MIB modules to represent all IP addresses using the standard Textual Conventions defined in [RFC4001] for IP addresses: specifically, InetAddressType and InetAddress. This document adheres to such standard practice to the following extent:

T11FcSpPolicyName类型和T11FcSpPolicyName是本文档(在T11-FC-SP-TC-MIB模块中)中定义的两种文本约定,用于表示策略对象名称的类型和值(请参见上文第3.4.5.1节)。然而,九种可能的类型中有两种是IPv4地址范围和IPv6地址范围。MIB模块中的标准做法是使用[RFC4001]中定义的IP地址标准文本约定来表示所有IP地址:具体来说,是InetAddressType和InetAddress。本文件在以下范围内遵守此类标准惯例:

- for MIB objects representing a Policy Object Name that can *only* be an IPv4 Address Range or an IPv6 Address Range, then those MIB objects are defined as a 3-tuple: (InetAddressType, InetAddress, InetAddress), in which the first address is the low end of the range, the second address is the high end of the range, and both addresses are of the type given by InetAddressType.

- 对于表示策略对象名称的MIB对象(只能*是IPv4地址范围或IPv6地址范围),则这些MIB对象定义为3元组:(InetAddressType,InetAddress,InetAddress),其中第一个地址是范围的低端,第二个地址是范围的高端,这两个地址都是InetAddressType给定的类型。

- for MIB objects representing a Policy Object Name that is (possibly) of a different type, i.e., it is not (necessarily) an IPv4 or IPv6 Address Range, then those MIB objects are defined as a 2-tuple: (T11FcSpPolicyNameType, T11FcSpPolicyName), in which the first object represents the type of Policy Object Name and the second object represents the value of the Policy Object Name. For MIB objects defined in this manner, if and when they represent a range of IP addresses: a) the value of T11FcSpPolicyNameType differentiates between an IPv4 Address Range and an IPv6 Address Range; and b) the value of T11FcSpPolicyName is one string containing the concatenation of the two addresses that are the low and high addresses of the range. This is the same format as used within FC-SP Policy Objects [FC-SP].

- 对于表示不同类型(可能)的策略对象名称的MIB对象,即它(不一定)是IPv4或IPv6地址范围,则这些MIB对象定义为2元组:(T11FcSpPolicyNameType,T11FcSpPolicyName),其中第一个对象表示策略对象名称的类型,第二个对象表示策略对象名称的值。对于以这种方式定义的MIB对象,如果它们表示一个IP地址范围:a)T11FcSpPolicyNameType的值区分IPv4地址范围和IPv6地址范围;和b)T11FcSpPolicyName的值是一个字符串,包含两个地址的串联,这两个地址是范围的低位和高位地址。这与FC-SP策略对象[FC-SP]中使用的格式相同。

4.6. Certificates, CAs, and CRLs
4.6. 证书、CA和CRL

In order to authenticate with the FCAP protocol, each entity, identified by a unique Name, is provided with: a digital certificate associated with that Name, the private/public key pair that corresponds to the certificate, and with the Root Certificate (the certificate of the signing Certification Authority). To authenticate another entity, an entity is required to be provided with the certificate of the associated Certification Authority.

为了使用FCAP协议进行身份验证,每个实体(由唯一名称标识)都被提供:与该名称关联的数字证书、与该证书对应的私钥/公钥对以及根证书(签名证书颁发机构的证书)。要认证另一个实体,需要向实体提供相关证书颁发机构的证书。

FCAP requires entities to support at least four Root Certificates against which received corresponding certificates can be validated. Support for certificate chains and verification of certificate chains

FCAP要求实体至少支持四个根证书,根据这些根证书可以验证收到的相应证书。支持证书链和证书链验证

containing more than one certificate is optional. Entities need to be able to access a Certificate Revocation List (CRL) for each configured Root Certificate, if one is available from the CA. Certificates on the CRL are considered invalid.

包含多个证书是可选的。实体需要能够访问每个已配置根证书的证书吊销列表(CRL)(如果CA提供)。CRL上的证书被视为无效。

The management of certificates, Certification Authorities, and Certificate Revocation Lists is the same in Fibre Channel networks as it is in other networks. Therefore, this document does not define any MIB objects for such management.

在光纤通道网络中,证书、证书颁发机构和证书吊销列表的管理与在其他网络中相同。因此,本文档没有为此类管理定义任何MIB对象。

4.7. Traffic Selectors
4.7. 流量选择器

When Traffic Selectors are compared against an ingress or egress frame in order to determine the security processing to be applied to that frame, there are circumstances in which multiple Traffic Selectors, specifying different actions, can match with the frame. Specifically, when matching against an egress frame to decide which active Security Association to transmit on, or, against an ingress frame unprotected by FC-SP, i.e., without an SPI value in it, to decide which action ('drop' or 'bypass') to apply. For these cases, the MIB includes a unique precedence value for each Traffic Selector such that the one with the numerically lowest precedence value is determined to be the one that matches. In contrast, ingress frames on active Security Associations (i.e., protected by FC-SP) are compared against the set of traffic selectors negotiated when the Security Association was set up and identified by the SPI value contained in the frame; the action taken depends on whether any Traffic Selector matches, but not on which one.

当将流量选择器与入口或出口帧进行比较以确定要应用于该帧的安全处理时,存在多个指定不同操作的流量选择器可以与该帧匹配的情况。具体而言,当与出口帧匹配以决定在哪个活动安全关联上传输时,或与未受FC-SP保护的入口帧(即,其中没有SPI值)匹配时,决定应用哪个操作(“删除”或“绕过”)。对于这些情况,MIB为每个流量选择器包括一个唯一的优先级值,以便将优先级值最低的一个确定为匹配的一个。相反,将活动安全关联(即,受FC-SP保护)上的入口帧与安全关联建立时协商的流量选择器集进行比较,并通过帧中包含的SPI值进行识别;所采取的操作取决于是否有任何流量选择器匹配,而不是哪一个。

This difference between ingress and egress Traffic Selectors on active Security Associations is reflected in having separate MIB tables defined for them: the table for Traffic Selectors on egress SAs, t11FcSpSaTSelNegOutTable, has a precedence value in its INDEX clause; whereas the table for Traffic Selectors on ingress SAs, t11FcSpSaTSelNegInTable, has an arbitrary integer value in its INDEX clause. For 'drop' and 'bypass' Traffic Selectors, one table, t11FcSpSaTSelDrByTable, having a precedence value in its INDEX clause, is sufficient for both ingress and egress traffic.

活动安全关联上的入口和出口流量选择器之间的这种差异反映在为它们定义了单独的MIB表中:出口SAs上的流量选择器表T11FCPSSATSELNEGOUTABLE在其INDEX子句中具有优先值;而ingress SAs上的流量选择器表T11FCPSATSELNENGTABLE在其INDEX子句中有一个任意整数值。对于“drop”和“bypass”流量选择器,一个表T11FCPSATSELDRBYTABLE(在其索引子句中具有优先权值)足以用于入口和出口流量。

4.8. The MIB Modules
4.8. MIB模块
4.8.1. The T11-FC-SP-TC-MIB Module
4.8.1. T11-FC-SP-TC-MIB模块

This MIB module defines Textual Conventions that are being, or have the potential to be, used in more than one MIB module. The module also defines Object Identifiers to identify the Cryptographic Algorithms listed in [FC-SP] so that they can be used as the value of various MIB objects that specify the algorithms being/to be used by an FC-SP implementation.

此MIB模块定义正在或可能在多个MIB模块中使用的文本约定。该模块还定义了对象标识符,以识别[FC-SP]中列出的加密算法,以便它们可以用作各种MIB对象的值,这些MIB对象指定FC-SP实现正在/将要使用的算法。

4.8.2. The T11-FC-SP-AUTHENTICATION-MIB Module
4.8.2. T11-FC-SP-AUTHENTICATION-MIB模块

This MIB module specifies the management information required to manage FC-SP Authentication Protocols. It defines three tables:

此MIB模块指定管理FC-SP身份验证协议所需的管理信息。它定义了三个表:

- t11FcSpAuEntityTable -- a table of Fibre Channel entities that can be authenticated using FC-SP's Authentication Protocols, including the names, capabilities, and basic configuration parameters of the entities.

- t11FcSpAuEntityTable--可以使用FC-SP的身份验证协议进行身份验证的光纤通道实体表,包括实体的名称、功能和基本配置参数。

- t11FcSpAuIfStatTable -- this table has two purposes: to be a list of the mappings of a FC-SP Authentication entity onto an interface and to contain Authentication Protocol per-interface statistics.

- T11FCSAUIFSTATTABLE——此表有两个用途:作为FC-SP身份验证实体到接口的映射列表,并包含每个接口的身份验证协议统计信息。

- t11FcSpAuRejectTable -- a table of FC-SP Authentication Protocol transactions that were recently rejected.

- t11FcSpAuRejectTable——最近被拒绝的FC-SP身份验证协议事务表。

It also defines two notifications: one for sending a reject in response to an AUTH message and another for receiving a reject in response to an AUTH message.

它还定义了两个通知:一个用于发送拒绝以响应身份验证消息,另一个用于接收拒绝以响应身份验证消息。

4.8.3. The T11-FC-SP-ZONING-MIB Module
4.8.3. T11-FC-SP-MIB模块

This MIB module specifies the extensions to the T11-FC-ZONE-SERVER-MIB module [RFC4936] for the management of FC-SP Zoning Servers. Specifically, it augments three tables defined in T11-FC-ZONE-SERVER-MIB:

此MIB模块指定T11-FC-ZONE-SERVER-MIB模块[RFC4936]的扩展,用于管理FC-SP分区服务器。具体而言,它扩充了T11-FC-ZONE-SERVER-MIB中定义的三个表:

- t11FcSpZsServerTable -- to this table, it adds FC-SP Zoning information defined for Zone Servers.

- T11FCSPSZSServerTable——该表添加了为区域服务器定义的FC-SP分区信息。

- t11ZsStatsTable -- to this table, it adds FC-SP Zoning statistics for Zone Servers.

- t11ZsStatsTable——该表添加了区域服务器的FC-SP分区统计信息。

- t11ZsNotifyControlTable -- to this table, it adds control information for FC-SP Zoning notifications.

- t11ZsNotifyControlTable——该表添加了FC-SP分区通知的控制信息。

It also defines two FC-SP Zoning notifications: one for success and one for failure in the joining of two Fabrics.

它还定义了两个FC-SP分区通知:一个用于连接两个结构时成功,另一个用于连接失败。

4.8.4. The T11-FC-SP-POLICY-MIB Module
4.8.4. T11-FC-SP-POLICY-MIB模块

This MIB module specifies management information that is used to manage FC-SP policies. The MIB module has five parts:

此MIB模块指定用于管理FC-SP策略的管理信息。MIB模块有五个部分:

- Active Policy Objects - read-only MIB objects representing the set of active Policy Objects for each Fabric;

- 活动策略对象-只读MIB对象,表示每个结构的活动策略对象集;

- Activate/Deactivate Operations - read-write MIB objects for invoking operations, either 1) to activate policies that are specified as a set of non-active Policy Objects, or 2) to deactivate the currently active policies; also included are objects giving the status of invoked operations;

- 激活/停用操作-用于调用操作的读写MIB对象,1)激活指定为一组非活动策略对象的策略,或2)停用当前活动策略;还包括提供调用操作状态的对象;

- Non-Active Policy Objects - read-create MIB objects to create and modify non-active Policy Objects;

- 非活动策略对象-读取创建MIB对象以创建和修改非活动策略对象;

- Statistics for FC-SP Security Policy Servers;

- FC-SP安全策略服务器的统计信息;

- The definition and control of notifications for the success or failure of the activation or deactivation of FC-SP policies.

- FC-SP策略激活或停用成功或失败通知的定义和控制。

4.8.5. The T11-FC-SP-SA-MIB Module
4.8.5. T11-FC-SP-SA-MIB模块

This MIB module specifies the management information required to manage Security Associations established via FC-SP. All of the tables in this MIB module are INDEX-ed by t11FcSpSaIfIndex, with syntax InterfaceIndexOrZero, which is either non-zero for a specific interface or zero for all (of the management instance's) interfaces to the particular Fabric.

此MIB模块指定管理通过FC-SP建立的安全关联所需的管理信息。此MIB模块中的所有表都由T11FCPSAIFINDEX索引,语法为InterfaceIndexOrZero,对于特定接口为非零,对于所有(管理实例)为零特定结构的接口。

The MIB module consists of six parts:

MIB模块由六部分组成:

- a per-Fabric table, t11FcSpSaIfTable, of capabilities, parameters, status information, and counters; the counters include non-transient aggregates of per-SA transient counters;

- 功能、参数、状态信息和计数器的每个结构表T11FCSSAIFTABLE;计数器包括每SA瞬态计数器的非瞬态聚合;

- three tables, t11FcSpSaPropTable, t11FcSpSaTSelPropTable, and t11FcSpSaTransTable, specifying the proposals for an FC-SP entity acting as an SA_Initiator to present to the SA_Responder during the negotiation of Security Associations. The same information is also used by an FC-SP entity acting as an SA_Responder to decide what to accept during the negotiation of

- 三个表,T11FCSP PropTable、T11FCSSatSelPropTable和T11FCSSatTransTable,规定了FC-SP实体作为SA_发起人在安全关联协商期间向SA_响应者提交的提案。作为SA_响应者的FC-SP实体也使用相同的信息来决定在谈判过程中接受什么

Security Associations. One of these tables, t11FcSpSaTransTable, is used not only for information about security transforms to propose and to accept, but also as agreed upon during the negotiation of Security Associations;

安全协会。其中一个表T11FCPSATranstable不仅用于建议和接受的安全转换信息,还用于在安全关联协商过程中商定的信息;

- a table, t11FcSpSaTSelDrByTable, of Traffic Selectors having the security action of 'drop' or 'bypass' to be applied either to ingress traffic, which is unprotected by FC-SP, or to all egress traffic;

- 流量选择器的表T11FCSSATSELDRBYTABLE,具有“下降”或“旁路”安全动作,可应用于FC-SP未保护的入口流量或所有出口流量;

- four tables, t11FcSpSaPairTable, t11FcSpSaTSelNegInTable, t11FcSpSaTSelNegOutTable, and t11FcSpSaTSelSpiTable, containing information about active bidirectional pairs of Security Associations; in particular, t11FcSpSaPairTable has one row per active bidirectional SA pair, t11FcSpSaTSelNegInTable and t11FcSpSaTSelNegOutTable contain information on the Traffic Selectors negotiated on the SAs, and the t11FcSpSaTSelSpiTable is an alternate lookup table such that the Traffic Selector(s) in use on a particular Security Association can be quickly determined based on its (ingress) SPI value;

- 四个表,T11FCSSAPAIRTABLE、T11FCSSATSELNENGTABLE、T11FCSSATSELNENGOUTTABLE和T11FCSSATSELSPITABLE,包含有关活动双向安全关联对的信息;特别是,T11FCSSAPAIRSTABLE每个活动双向SA对有一行,T11FCSSATSELNEGGATABLE和T11FCSSATSELNEGGOUTTABLE包含有关SAs上协商的流量选择器的信息,T11FCSSATSELSPITABLE是一个备用查找表,以便流量选择器可以基于其(入口)SPI值快速确定在特定安全关联上的使用;

- a table, t11FcSpSaControlTable, of control and other information concerning the generation of notifications for events related to FC-SP Security Associations;

- 控制表T11FCPSASCONTROLTABLE以及与FC-SP安全关联相关事件通知生成相关的其他信息;

- one notification, t11FcSpSaNotifyAuthFailure, generated on the occurrence of an Authentication failure for a received FC-2 or CT_IU frame.

- 在接收到的FC-2或CT_IU帧发生身份验证失败时生成一个通知T11FCPSSANOTIFYAUTHFAILURE。

4.9. Rate Control for Notifications
4.9. 通知的速率控制

All but one of the notifications defined in the five MIB modules in this document are notifications that are generated based on events occurring in the "control plane", e.g., notifications that are generated at the frequency of operator-initiated activities. The one exception is t11FcSpSaNotifyAuthFailure, which is generated based on an event occurring in the "data plane", and could (in a worst case scenario) occur for every received ingress frame. Therefore, a method of rate controlling the generation of notifications is needed for t11FcSpSaNotifyAuthFailure, but not for any of the other notifications.

本文件中五个MIB模块中定义的通知中,除一个以外的所有通知都是基于“控制平面”中发生的事件生成的通知,例如,以操作员启动活动的频率生成的通知。一个例外是T11FCPSSANOTIFYAUTHFAILURE,它是根据“数据平面”中发生的事件生成的,并且可能(在最坏的情况下)针对每个接收到的入口帧发生。因此,T11FCPSSANOTIFYAUTHFAILURE需要一种速率控制通知生成的方法,但其他任何通知都不需要。

For t11FcSpSaNotifyAuthFailure, rate control is achieved by specifying that a) after the first occurrence of an Authentication failure on any particular Security Association, the SNMP notifications for second and subsequent failures are suppressed for the duration of a time window and b) that even the notification for the first occurrence is suppressed after it is sent in the same time

对于T11FCPSSANOTIFYAUTHFAILURE,通过指定a)在任何特定安全关联上首次出现身份验证失败后,第二次和后续故障的SNMP通知在一个时间窗口内被抑制,b)即使第一次出现的通知在同一时间发送后也被抑制

window for a configured (in t11FcSpSaControlMaxNotifs) number of Security Associations within a Fabric. Note that while these suppressions prevent the network from being flooded with notifications, the Authentication Failures themselves must still be detected and counted.

用于在结构中配置(在T11FCPSASCONTROLMAXNOTIFS中)安全关联数的窗口。请注意,尽管这些抑制措施可以防止网络中充斥着通知,但仍必须检测和统计身份验证失败本身。

The length of the time window is given by t11FcSpSaControlWindow, a read-write object in the t11FcSpSaControlTable. If and when the time since the last generation of the notification is less than the value of sysUpTime (e.g., if one or more notifications have occurred since the last re-initialization of the management system), then t11FcSpSaControlElapsed and t11FcSpSaControlSuppressed contain the elapsed time since the last notification and the number of notifications suppressed in the window after sending the last one, respectively. Otherwise, t11FcSpSaControlElapsed contains the value of sysUpTime and t11FcSpSaControlSuppressed has the value zero.

时间窗口的长度由T11FCPSASCONTROLWindow给出,T11FCPSASCONTROLTABLE中的一个读写对象。如果自上次生成通知以来的时间小于sysUpTime的值(例如,如果自上次重新初始化管理系统以来发生了一个或多个通知),然后T11FCPSASCONTROLEPRASED和T11FCPSASCONTROLSUPPORTED分别包含自上次通知以来经过的时间和发送上次通知后在窗口中抑制的通知数。否则,T11FCPSAControlepersed包含sysUpTime的值,T11FCPSAControlsuppressed的值为零。

5. Relationship to Other MIB Modules
5. 与其他MIB模块的关系

The first standardized MIB module for Fibre Channel [RFC2837] was focused on Fibre Channel Switches. It was obsoleted by the more generic Fibre Channel Management MIB [RFC4044], which defines basic information for Fibre Channel Nodes and Switches, including extensions to the standard IF-MIB [RFC2863] for Fibre Channel interfaces. Several other MIB modules have since been defined to extend [RFC4044] for various specific Fibre Channel functionality, (e.g., [RFC4438], [RFC4439], [RFC4625], [RFC4626], [RFC4747], [RFC4936], [RFC4935], and [RFC4983]).

光纤通道的第一个标准化MIB模块[RFC2837]主要用于光纤通道交换机。它被更通用的光纤通道管理MIB[RFC4044]淘汰,该MIB定义了光纤通道节点和交换机的基本信息,包括光纤通道接口标准IF-MIB[RFC2863]的扩展。此后,定义了几个其他MIB模块以扩展[RFC4044]以实现各种特定光纤通道功能(例如,[RFC4438]、[RFC4439]、[RFC4625]、[RFC4626]、[RFC4747]、[RFC4936]、[RFC4935]和[RFC4983])。

The MIB modules defined in this memo further extend [RFC4044] to cover the operation of Fibre Channel Security Protocols, as specified in [FC-SP].

本备忘录中定义的MIB模块进一步扩展了[RFC4044],以涵盖[FC-SP]中规定的光纤通道安全协议的操作。

One part of the FC-SP specification is "FC-SP Zoning", which is an extension/variant of the Fibre Channel Zoning defined in [FC-GS-5]. Management information for the latter is defined in the T11-FC-ZONE-SERVER-MIB module [RFC4936]. Consequently, the T11-FC-SP-ZONING-MIB module defined in this document defines the extensions to the T11-FC-ZONE-SERVER-MIB module that are needed to manage FC-SP Zoning.

FC-SP规范的一部分是“FC-SP分区”,它是[FC-GS-5]中定义的光纤通道分区的扩展/变体。后者的管理信息在T11-FC-ZONE-SERVER-MIB模块[RFC4936]中定义。因此,本文档中定义的T11-FC-SP-ZONING-MIB模块定义了管理FC-SP分区所需的T11-FC-ZONE-SERVER-MIB模块的扩展。

The MIB modules in this memo import some common Textual Conventions from T11-TC-MIB, defined in [RFC4439], and from INET-ADDRESS-MIB, defined in [RFC4001].

本备忘录中的MIB模块从[RFC4439]中定义的T11-TC-MIB和[RFC4001]中定义的INET-ADDRESS-MIB导入一些常见的文本约定。

If the RADIUS protocol is used for access to an external server, information about RADIUS Servers is likely to be available from the RADIUS-AUTH-CLIENT-MIB [RFC4668].

如果RADIUS协议用于访问外部服务器,则有关RADIUS服务器的信息可能可以从RADIUS-AUTH-CLIENT-MIB[RFC4668]获得。

6. MIB Module Definitions
6. MIB模块定义
6.1. The T11-FC-SP-TC-MIB Module
6.1. T11-FC-SP-TC-MIB模块
T11-FC-SP-TC-MIB  DEFINITIONS ::= BEGIN
        
T11-FC-SP-TC-MIB  DEFINITIONS ::= BEGIN
        

IMPORTS MODULE-IDENTITY, OBJECT-IDENTITY, mib-2, Unsigned32 FROM SNMPv2-SMI -- [RFC2578] TEXTUAL-CONVENTION FROM SNMPv2-TC; -- [RFC2579]

从SNMPv2 SMI导入MODULE-IDENTITY、OBJECT-IDENTITY、mib-2、Unsigned32--[RFC2578]文本约定从SNMPv2 TC;--[RFC2579]

t11FcTcMIB MODULE-IDENTITY LAST-UPDATED "200808200000Z" ORGANIZATION "This MIB module was developed through the coordinated effort of two organizations: T11 began the development and the IETF (in the IMSS Working Group) finished it." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com

t11FcTcMIB MODULE-IDENTITY上次更新的“200808200000Z”组织“该MIB模块是通过两个组织的协调工作开发的:T11开始开发,IETF(在IMSS工作组中)完成了开发。”联系信息“Claudio DeSanti Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号,邮编95134电子邮件:cds@cisco.com

Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Email: kzm@cisco.com" DESCRIPTION "This MIB module defines Textual Conventions for use in the multiple MIB modules, which together define the instrumentation for an implementation of the Fibre Channel Security Protocols (FC-SP) specification.

Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号邮编:95134电子邮件:kzm@cisco.com“说明”此MIB模块定义了多个MIB模块中使用的文本约定,这些MIB模块共同定义了光纤通道安全协议(FC-SP)规范实施的工具。

This MIB module also defines Object Identities (for use as possible values of MIB objects with syntax AutonomousType), including OIDs for the Cryptographic Algorithms defined in FC-SP.

此MIB模块还定义对象标识(用作语法自治类型的MIB对象的可能值),包括FC-SP中定义的加密算法的OID。

           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 175 }
        
           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 175 }
        
t11FcSpIdentities OBJECT IDENTIFIER ::= { t11FcTcMIB 1 }
t11FcSpAlgorithms OBJECT IDENTIFIER ::= { t11FcSpIdentities 1 }
        
t11FcSpIdentities OBJECT IDENTIFIER ::= { t11FcTcMIB 1 }
t11FcSpAlgorithms OBJECT IDENTIFIER ::= { t11FcSpIdentities 1 }
        

-- -- Textual Conventions --

----文本约定--

T11FcSpPolicyHashFormat ::=  TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "Identifies a cryptographic hash function used to create
           a hash value that summarizes an FC-SP Policy Object.
        
T11FcSpPolicyHashFormat ::=  TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "Identifies a cryptographic hash function used to create
           a hash value that summarizes an FC-SP Policy Object.
        

Each definition of an object with this TC as its syntax must be accompanied by a corresponding definition of an object with T11FcSpPolicyHashValue as its syntax, and containing the hash value.

使用此TC作为语法的对象的每个定义必须附带使用T11FcSpPolicyHashValue作为语法的对象的相应定义,并包含哈希值。

The first two cryptographic hash functions are:

前两个加密哈希函数是:

Hash Type Hash Tag Hash Length (Bytes) SHA-1 '00000001'h 20 SHA-256 '00000002'h 32 " REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, section 7.1.3.1 and table 106. - FIPS PUB 180-2." SYNTAX OCTET STRING (SIZE (4))

散列类型散列标签散列长度(字节)SHA-1'00000001'h 20 SHA-256'00000002'h 32“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,第7.1.3.1节和表106。-FIPS PUB 180-2.“语法八位字符串(大小(4))

T11FcSpPolicyHashValue ::=  TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "Represents the value of the cryptographic hash function
           of an FC-SP Policy Object.
        
T11FcSpPolicyHashValue ::=  TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "Represents the value of the cryptographic hash function
           of an FC-SP Policy Object.
        

Each definition of an object with this TC as its syntax must be accompanied by a corresponding definition of an object with T11FcSpPolicyHashFormat as its syntax. The corresponding object identifies the cryptographic hash function used to create the hash value." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, section 7.1.3.1 and table 106." SYNTAX OCTET STRING (SIZE (0..64))

使用此TC作为语法的对象的每个定义都必须附带使用T11FCSPolicHashFormat作为语法的对象的相应定义。相应的对象标识用于创建散列值的加密散列函数。“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,第7.1.3.1节和表106。“语法八位字符串(大小(0..64))

T11FcSpHashCalculationStatus ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "When some kind of 'database' is defined in a set of
           read-write MIB objects, it is common that multiple changes
           in the data need to be made at the same time.  So, if hash
           values are maintained for that data, those hash values are
           only correct if and when they are re-calculated after every
           change.  In such circumstances, the use of an object with
           this syntax allows the re-calculation of the hash values to
           be deferred until all changes have been made, and therefore
           the calculation need only be done once after all changes,
           rather than repeatedly/after each individual change.
        
T11FcSpHashCalculationStatus ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "When some kind of 'database' is defined in a set of
           read-write MIB objects, it is common that multiple changes
           in the data need to be made at the same time.  So, if hash
           values are maintained for that data, those hash values are
           only correct if and when they are re-calculated after every
           change.  In such circumstances, the use of an object with
           this syntax allows the re-calculation of the hash values to
           be deferred until all changes have been made, and therefore
           the calculation need only be done once after all changes,
           rather than repeatedly/after each individual change.
        

The definition of an object defined using this TC is required to specify which one or more instances of which MIB objects contain the hash values operated upon (or whose status is given) by the value of this TC.

使用此TC定义的对象的定义需要指定MIB对象的一个或多个实例包含此TC值操作的哈希值(或其状态给定)。

When read, the value of an object with this syntax is either:

读取时,具有此语法的对象的值为:

correct -- the identified MIB object instance(s) contain the correct hash values; or stale -- the identified MIB object instance(s) contain stale (possibly incorrect) values.

正确--标识的MIB对象实例包含正确的哈希值;或陈旧--标识的MIB对象实例包含陈旧(可能不正确)的值。

           Writing a value of 'calculate' is a request to re-calculate
           and update the values of the corresponding instances of the
           identified MIB objects.  Writing a value of 'correct' or
           'stale' to this object is an error (e.g., 'wrongValue')."
    SYNTAX       INTEGER {
                     calculate(1),
                     correct(2),
                     stale(3)
                 }
        
           Writing a value of 'calculate' is a request to re-calculate
           and update the values of the corresponding instances of the
           identified MIB objects.  Writing a value of 'correct' or
           'stale' to this object is an error (e.g., 'wrongValue')."
    SYNTAX       INTEGER {
                     calculate(1),
                     correct(2),
                     stale(3)
                 }
        
T11FcSpAuthRejectReasonCode ::=  TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A reason code contained in an AUTH_Reject message, or
           in an SW_RJT (rejecting an AUTH_ILS), or in an LS_RJT
           (rejecting an AUTH-ELS)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 17, 48, 52."
    SYNTAX        INTEGER {
        
T11FcSpAuthRejectReasonCode ::=  TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A reason code contained in an AUTH_Reject message, or
           in an SW_RJT (rejecting an AUTH_ILS), or in an LS_RJT
           (rejecting an AUTH-ELS)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 17, 48, 52."
    SYNTAX        INTEGER {
        

authFailure(1), logicalError(2), logicalBusy(3), authILSNotSupported(4), authELSNotSupported(5), notLoggedIn(6) }

authFailure(1)、logicalError(2)、logicalBusy(3)、authILSNotSupported(4)、authELSNotSupported(5)、notLoggedIn(6)}

T11FcSpAuthRejReasonCodeExp ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A reason code explanation contained in an AUTH_Reject
           message, or in an SW_RJT (rejecting an AUTH_ILS), or in
           an LS_RJT (rejecting an AUTH-ELS)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Tables 18, 48, 52."
    SYNTAX        INTEGER {
                      authMechanismNotUsable(1),
                      dhGroupNotUsable(2),
                      hashFunctionNotUsable(3),
                      authTransactionAlreadyStarted(4),
                      authenticationFailed(5),
                      incorrectPayload(6),
                      incorrectAuthProtocolMessage(7),
                      restartAuthProtocol(8),
                      authConcatNotSupported(9),
                      unsupportedProtocolVersion(10),
                      logicalBusy(11),
                      authILSNotSupported(12),
                      authELSNotSupported(13),
                      notLoggedIn(14)
                  }
        
T11FcSpAuthRejReasonCodeExp ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A reason code explanation contained in an AUTH_Reject
           message, or in an SW_RJT (rejecting an AUTH_ILS), or in
           an LS_RJT (rejecting an AUTH-ELS)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Tables 18, 48, 52."
    SYNTAX        INTEGER {
                      authMechanismNotUsable(1),
                      dhGroupNotUsable(2),
                      hashFunctionNotUsable(3),
                      authTransactionAlreadyStarted(4),
                      authenticationFailed(5),
                      incorrectPayload(6),
                      incorrectAuthProtocolMessage(7),
                      restartAuthProtocol(8),
                      authConcatNotSupported(9),
                      unsupportedProtocolVersion(10),
                      logicalBusy(11),
                      authILSNotSupported(12),
                      authELSNotSupported(13),
                      notLoggedIn(14)
                  }
        
T11FcSpHashFunctions ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A set of zero, one, or more hash functions defined for
           use in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 14."
    SYNTAX        BITS {
                      md5(0),
                      sha1(1)
                  }
        
T11FcSpHashFunctions ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A set of zero, one, or more hash functions defined for
           use in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 14."
    SYNTAX        BITS {
                      md5(0),
                      sha1(1)
                  }
        
T11FcSpSignFunctions ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A set of zero, one, or more signature functions defined
           for signing certificates for use with FCAP in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, tables 38 & 39."
    SYNTAX        BITS {
                      rsaSha1(0)
                  }
        
T11FcSpSignFunctions ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A set of zero, one, or more signature functions defined
           for signing certificates for use with FCAP in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, tables 38 & 39."
    SYNTAX        BITS {
                      rsaSha1(0)
                  }
        
T11FcSpDhGroups ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A set of zero, one, or more DH Groups defined for use
           in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 15."
    SYNTAX        BITS {
                      null(0),
                      group1024(1),
                      group1280(2),
                      group1536(3),
                      group2048(4),
                      group3072(5),
                      group4096(6),
                      group6144(7),
                      group8192(8)
                  }
        
T11FcSpDhGroups ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A set of zero, one, or more DH Groups defined for use
           in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 15."
    SYNTAX        BITS {
                      null(0),
                      group1024(1),
                      group1280(2),
                      group1536(3),
                      group2048(4),
                      group3072(5),
                      group4096(6),
                      group6144(7),
                      group8192(8)
                  }
        
T11FcSpPolicyObjectType ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A value that identifies the type of an FC-SP Policy
           Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 102."
    SYNTAX   INTEGER {
                 summary(1),
                 switchMemberList(2),
                 nodeMemberList(3),
                 switchConnectivity(4),
        
T11FcSpPolicyObjectType ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A value that identifies the type of an FC-SP Policy
           Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 102."
    SYNTAX   INTEGER {
                 summary(1),
                 switchMemberList(2),
                 nodeMemberList(3),
                 switchConnectivity(4),
        

ipMgmtList(5), attribute(6) }

ipMgmtList(5),属性(6)}

T11FcSpPolicyNameType ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "The format and usage of a companion object having
           T11FcSpPolicyName as its syntax.
        
T11FcSpPolicyNameType ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "The format and usage of a companion object having
           T11FcSpPolicyName as its syntax.
        

Six of the values indicate the same format, i.e., they differ only in semantics. That common format is a Fibre Channel 'Name_Identifier', i.e., the same syntax as 'FcNameIdOrZero (SIZE(8))'.

其中六个值表示相同的格式,即它们仅在语义上不同。该通用格式是光纤通道的“名称标识符”,即与“FcNameIdOrZero(大小(8))”相同的语法。

These six are three pairs of one restricted and one unrestricted. Each usage of this syntax must specify what the meaning of 'restricted' is for that usage and how the characteristics and behavior of restricted names differ from unrestricted names.

这六对是三对,一对是限制性的,一对是非限制性的。此语法的每次使用都必须指定“受限”在该用法中的含义,以及受限名称与非受限名称的特征和行为有何不同。

The six are:

这六项是:

'nodeName' - a Node_Name, which is the Name_Identifier associated with a Fibre Channel Node.

“nodeName”-节点名称,是与光纤通道节点关联的名称标识符。

'restrictedNodeName' - a Restricted Node_Name.

“restrictedNodeName”-受限制的节点名称。

'portName' - the Name_Identifier associated with a Fibre Channel Port.

“portName”-与光纤通道端口关联的名称\u标识符。

'restrictedPortName' - a Restricted Port_Name.

“restrictedPortName”-受限制的端口名称。

'wildcard' - a Wildcard value that is used to identify 'all others' (typically, all other members of a Policy Object, not all other Policy Objects).

“通配符”-用于标识“所有其他”的通配符值(通常是策略对象的所有其他成员,而不是所有其他策略对象)。

'restrictedWildcard' - a Restricted Wildcard value.

“受限通配符”-受限通配符值。

Other possible values are:

其他可能的值包括:

'alphaNumericName' - the value begins with an ASCII letter (upper or lower case) followed by (0 ... 63) characters from the set: lower case letters, upper case letters, digits, and the four symbols: dollar-sign ($),

“alphaNumericName”-该值以ASCII字母(大写或小写)开头,后跟集合中的(0…63)个字符:小写字母、大写字母、数字和四个符号:美元符号($),

dash (-), caret (^), and underscore (_).

破折号(-)、插入符号(^)和下划线(_)。

'ipv6AddressRange' - two IPv6 addresses in network byte order, the numerically smallest first and the numerically largest second; total length is 32 bytes.

“ipv6AddressRange”-按网络字节顺序排列的两个IPv6地址,第一个是数字最小的地址,第二个是数字最大的地址;总长度为32字节。

             'ipv4AddressRange'   - two IPv4 addresses in network
           byte order, the numerically smallest first and the
           numerically largest second; total length is 8 bytes."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 103."
    SYNTAX   INTEGER {
                 nodeName(1),
                 restrictedNodeName(2),
                 portName(3),
                 restrictedPortName(4),
                 wildcard(5),
                 restrictedWildcard(6),
                 alphaNumericName(7),
                 ipv6AddressRange(8),
                 ipv4AddressRange(9)
             }
        
             'ipv4AddressRange'   - two IPv4 addresses in network
           byte order, the numerically smallest first and the
           numerically largest second; total length is 8 bytes."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 103."
    SYNTAX   INTEGER {
                 nodeName(1),
                 restrictedNodeName(2),
                 portName(3),
                 restrictedPortName(4),
                 wildcard(5),
                 restrictedWildcard(6),
                 alphaNumericName(7),
                 ipv6AddressRange(8),
                 ipv4AddressRange(9)
             }
        
T11FcSpPolicyName ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A syntax used, when defining Policy Objects, for the
           name of something.
        
T11FcSpPolicyName ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A syntax used, when defining Policy Objects, for the
           name of something.
        

An object that uses this syntax always identifies a companion object with syntax T11FcSpPolicyNameType such that the companion object specifies the format and usage of the object with this syntax.

使用此语法的对象始终使用语法T11FcSpPolicyNameType标识伴随对象,以便伴随对象使用此语法指定对象的格式和用法。

When the companion object has the value 'wildcard' or 'restrictedWildcard', the value of the T11FcSpPolicyName object is: '0000000000000000'h." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, Table 103." SYNTAX OCTET STRING (SIZE (1..64))

当伴生对象的值为“通配符”或“受限通配符”时,T11FCSPolicName对象的值为:“0000000000000000”h.“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,表103.“语法八位字符串(大小(1..64))

T11FcSpAlphaNumName ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
        
T11FcSpAlphaNumName ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
        

"A syntax used when defining Policy Objects for the name of something, where the name is always in the format specified by:

为某物的名称定义策略对象时使用的语法,其中名称始终采用以下指定的格式:

T11FcSpPolicyNameType = 'alphaNumericName' " REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, Table 103." SYNTAX OCTET STRING (SIZE (1..64))

T11FCSPolicNameType='alphaNumericName'“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,表103。“语法八位字符串(大小(1..64))

T11FcSpAlphaNumNameOrAbsent ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "An extension of the T11FcSpAlphaNumName TC with
           one additional possible value: the zero-length string
           to indicate the absence of a name."
    SYNTAX   OCTET STRING (SIZE (0..64))
        
T11FcSpAlphaNumNameOrAbsent ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "An extension of the T11FcSpAlphaNumName TC with
           one additional possible value: the zero-length string
           to indicate the absence of a name."
    SYNTAX   OCTET STRING (SIZE (0..64))
        
T11FcSaDirection ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "The direction of frame transmission on a Security
           Association.  Note that Security Associations are
           unidirectional, but they always exist as part of an
           SA pair of the same type in opposite directions."
    SYNTAX   INTEGER { ingress(1), egress(2) }
        
T11FcSaDirection ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "The direction of frame transmission on a Security
           Association.  Note that Security Associations are
           unidirectional, but they always exist as part of an
           SA pair of the same type in opposite directions."
    SYNTAX   INTEGER { ingress(1), egress(2) }
        
T11FcSpiIndex ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "An SPI (Security Parameter Index) value is carried in the
           SPI field of a frame protected by the ESP_Header.  An SPI
           is also carried in the SAID field of a Common Transport
           Information Unit (CT_IU) protected by CT_Authentication.
           An SPI value identifies the Security Association on which
           the frame is being transmitted."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 4.7.2 and 4.7.3."
    SYNTAX   Unsigned32 (0..4294967295) -- the default range!!
        
T11FcSpiIndex ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "An SPI (Security Parameter Index) value is carried in the
           SPI field of a frame protected by the ESP_Header.  An SPI
           is also carried in the SAID field of a Common Transport
           Information Unit (CT_IU) protected by CT_Authentication.
           An SPI value identifies the Security Association on which
           the frame is being transmitted."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 4.7.2 and 4.7.3."
    SYNTAX   Unsigned32 (0..4294967295) -- the default range!!
        
T11FcSpPrecedence ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "d"
    STATUS       current
    DESCRIPTION
        
T11FcSpPrecedence ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "d"
    STATUS       current
    DESCRIPTION
        

"The precedence of a Traffic Selector. If a frame matches with two or more Traffic Selectors, then the match that takes precedence is the one with the Traffic Selector having the numerically smallest precedence value. Note that precedence values are not necessarily contiguous." SYNTAX Unsigned32 (0..4294967295) -- the default range!!

“流量选择器的优先级。如果一个帧与两个或多个流量选择器匹配,则具有优先级的匹配是具有数字最小优先级值的流量选择器的匹配。请注意,优先级值不一定是连续的。”语法Unsigned32(0..4294967295)--默认范围!!

T11FcRoutingControl ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "1x"
    STATUS        current
    DESCRIPTION
           "A value stored in the R_CTL (Routing Control) 8-bit field
           of an FC-2 frame containing routing and information bits to
           categorize the frame function.
        
T11FcRoutingControl ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "1x"
    STATUS        current
    DESCRIPTION
           "A value stored in the R_CTL (Routing Control) 8-bit field
           of an FC-2 frame containing routing and information bits to
           categorize the frame function.
        

For FC-2 frames, an R_CTL value typically distinguishes between control versus data frames and/or solicited versus unsolicited frames, and in combination with the TYPE field (see T11FcSpType), identifies a particular link-layer service/protocol using FC-2.

对于FC-2帧,R_CTL值通常区分控制帧与数据帧和/或请求帧与非请求帧,并结合类型字段(参见T11FcSpType)使用FC-2标识特定链路层服务/协议。

For CT_Authentication, the information field in the R_CTL field contains '02'h for Request CT_IUs and '03'h for Response CT_IUs.

对于CT_身份验证,R_CTL字段中的信息字段包含请求CT_IUs的'02'h和响应CT_IUs的'03'h。

The comparison of two values having this syntax is done by treating each string as an 8-bit numeric value." REFERENCE "- Fibre Channel - Framing and Signaling-2 (FC-FS-2), ANSI INCITS 424-2007, Project T11/1619-D, February 2007, section 9.3. - Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2006, sections 4.5.2.4.2, 4.5.2.4.3 and table 12." SYNTAX OCTET STRING (SIZE(1))

通过将每个字符串视为8位数字值来比较具有此语法的两个值。“参考”-光纤通道-成帧和信令-2(FC-FS-2),ANSI INCITS 424-2007,项目T11/1619-D,2007年2月,第9.3节。-光纤通道-通用服务-5(FC-GS-5),ANSI INCITS 427-2006,第4.5.2.4.2节,第4.5.2.4.3节和表12.“语法八位字节字符串(大小(1))

T11FcSpType ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "2x"
    STATUS        current
    DESCRIPTION
           "A value, or combination of values, contained in a frame
           header used in identifying the link layer service/protocol
           of a frame.  The value is always two octets:
        
T11FcSpType ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "2x"
    STATUS        current
    DESCRIPTION
           "A value, or combination of values, contained in a frame
           header used in identifying the link layer service/protocol
           of a frame.  The value is always two octets:
        

- for FC-2 frames, the first octet is zero and the second octet contains the Data structure type (TYPE) value defined by FC-FS-2. The TYPE value is used in combination with T11FcRoutingControl to identify a link

- 对于FC-2帧,第一个八位组为零,第二个八位组包含FC-FS-2定义的数据结构类型(type)值。类型值与T11FcRoutingControl结合使用以标识链接

layer service/protocol.

层服务/协议。

- for Common Transport Information Units (CT_IUs), the first octet contains a GS_Type value and the second octet contains a GS_Subtype value, defined by FC-GS-5.

- 对于通用传输信息单元(CT_IUs),第一个八位组包含GS_类型值,第二个八位组包含由FC-GS-5定义的GS_子类型值。

The comparison of two values having this syntax is done by treating each string as the numeric value obtained by numerically combining the individual octet's value as follows:

采用这种语法的两个值的比较是通过将每个字符串视为通过数字组合单个八位字节值而获得的数值来完成的,如下所示:

(256 * 1st-octet) + 2nd-octet " REFERENCE "- Fibre Channel - Framing and Signaling-2 (FC-FS-2), ANSI INCITS 424-2007, Project T11/1619-D, February 2007, section 9.6. - Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2006, sections 4.3.2.4 and 4.3.2.5." SYNTAX OCTET STRING (SIZE(2))

(256*1个八位组)+2个八位组“参考”-光纤通道-成帧和信令-2(FC-FS-2),ANSI INCITS 424-2007,项目T11/1619-D,2007年2月,第9.6节。-光纤通道-通用服务-5(FC-GS-5),ANSI INCITS 427-2006,第4.3.2.4和4.3.2.5节,“语法八位字符串(大小(2))

T11FcSpTransforms ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A list of the standardized transforms that are defined
           by FC-SP for use with ESP_Header, CT_Authentication, and/or
           IKEv2 Support."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              Appendix A.3.1, tables A.23, A.24, A.25, A.26."
    SYNTAX       BITS {
                     encrNull(0),
                     encrAesCbc(1),
                     encrAesCtr(2),
                     encrAesGcm(3),
                     encr3Des(4),
                     prfHmacMd5(5),
                     prfHmacSha1(6),
                     prfAesCbc(7),
                     authHmacMd5L96(8),
                     authHmacSha1L96(9),
                     authHmacMd5L128(10),
                     authHmacSha1L160(11),
                     encrNullAuthAesGmac(12),
                     dhGroups1024bit(13),
                     dhGroups2048bit(14)
                 }
        
T11FcSpTransforms ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "A list of the standardized transforms that are defined
           by FC-SP for use with ESP_Header, CT_Authentication, and/or
           IKEv2 Support."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              Appendix A.3.1, tables A.23, A.24, A.25, A.26."
    SYNTAX       BITS {
                     encrNull(0),
                     encrAesCbc(1),
                     encrAesCtr(2),
                     encrAesGcm(3),
                     encr3Des(4),
                     prfHmacMd5(5),
                     prfHmacSha1(6),
                     prfAesCbc(7),
                     authHmacMd5L96(8),
                     authHmacSha1L96(9),
                     authHmacMd5L128(10),
                     authHmacSha1L160(11),
                     encrNullAuthAesGmac(12),
                     dhGroups1024bit(13),
                     dhGroups2048bit(14)
                 }
        
T11FcSpSecurityProtocolId ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "A Security Protocol identifier to identify
           the protocol by which traffic is to be protected,
           e.g., ESP_Header or CT_Authentication."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.2 and table 67."
    SYNTAX       INTEGER { espHeader(1), ctAuth(2) }
        
T11FcSpSecurityProtocolId ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "A Security Protocol identifier to identify
           the protocol by which traffic is to be protected,
           e.g., ESP_Header or CT_Authentication."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.2 and table 67."
    SYNTAX       INTEGER { espHeader(1), ctAuth(2) }
        
T11FcSpLifetimeLeft ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "This TC is used for one object of an associated pair
           of objects.  The object with this syntax specifies a
           remaining lifetime of something, e.g., of an SA, where
           the lifetime is given in the units specified by the other
           object of the pair which has T11FcSpLifetimeLeftUnits
           as its syntax."
    SYNTAX       Unsigned32
        
T11FcSpLifetimeLeft ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "This TC is used for one object of an associated pair
           of objects.  The object with this syntax specifies a
           remaining lifetime of something, e.g., of an SA, where
           the lifetime is given in the units specified by the other
           object of the pair which has T11FcSpLifetimeLeftUnits
           as its syntax."
    SYNTAX       Unsigned32
        
T11FcSpLifetimeLeftUnits ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "An object, defined using T11FcSpLifetimeLeft TC as
           its syntax, is required to be one of an associated
           pair of objects such that the other object of the pair
           is defined with this T11FcSpLifetimeLeftUnits TC as
           its syntax and with its value specifying the
           units of the remaining lifetime given by the
           value of the T11FcSpLifetimeLeft object."
    SYNTAX       INTEGER {
                     seconds(1),      -- seconds
                     kiloBytes(2),    -- 10^^3 bytes
                     megaBytes(3),    -- 10^^6 bytes
                     gigaBytes(4),    -- 10^^9 bytes
                     teraBytes(5),    -- 10^^12 bytes
                     petaBytes(6),    -- 10^^15 bytes
                     exaBytes(7),     -- 10^^18 bytes
                     zettaBytes(8),   -- 10^^21 bytes
                     yottaBytes(9)    -- 10^^24 bytes
                 }
        
T11FcSpLifetimeLeftUnits ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION
           "An object, defined using T11FcSpLifetimeLeft TC as
           its syntax, is required to be one of an associated
           pair of objects such that the other object of the pair
           is defined with this T11FcSpLifetimeLeftUnits TC as
           its syntax and with its value specifying the
           units of the remaining lifetime given by the
           value of the T11FcSpLifetimeLeft object."
    SYNTAX       INTEGER {
                     seconds(1),      -- seconds
                     kiloBytes(2),    -- 10^^3 bytes
                     megaBytes(3),    -- 10^^6 bytes
                     gigaBytes(4),    -- 10^^9 bytes
                     teraBytes(5),    -- 10^^12 bytes
                     petaBytes(6),    -- 10^^15 bytes
                     exaBytes(7),     -- 10^^18 bytes
                     zettaBytes(8),   -- 10^^21 bytes
                     yottaBytes(9)    -- 10^^24 bytes
                 }
        
--
-- Object Identities to identify the Cryptographic Algorithms
-- listed in FC-SP.
        
--
-- Object Identities to identify the Cryptographic Algorithms
-- listed in FC-SP.
        

--

--

t11FcSpEncryptAlgorithms
     OBJECT IDENTIFIER ::= { t11FcSpAlgorithms 1 }
        
t11FcSpEncryptAlgorithms
     OBJECT IDENTIFIER ::= { t11FcSpAlgorithms 1 }
        
t11FcSpEncrNull OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_NULL algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 1 }
        
t11FcSpEncrNull OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_NULL algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 1 }
        
t11FcSpEncrAesCbc OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_AES_CBC algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 2 }
        
t11FcSpEncrAesCbc OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_AES_CBC algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 2 }
        
t11FcSpEncrAesCtr OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_AES_CTR algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 3 }
        
t11FcSpEncrAesCtr OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_AES_CTR algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 3 }
        
t11FcSpEncrAesGcm OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_AES_GCM algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 4 }
        
t11FcSpEncrAesGcm OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_AES_GCM algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 4 }
        

t11FcSpEncr3Des OBJECT-IDENTITY STATUS current DESCRIPTION "The ENCR_3DES algorithm." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, Table 70."

t11FcSpEncr3Des对象标识状态当前描述“ENCR_3DES算法”。参考“-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,表70。”

    ::= { t11FcSpEncryptAlgorithms 5 }
        
    ::= { t11FcSpEncryptAlgorithms 5 }
        
t11FcSpAuthAlgorithms
     OBJECT IDENTIFIER ::= { t11FcSpAlgorithms 2 }
        
t11FcSpAuthAlgorithms
     OBJECT IDENTIFIER ::= { t11FcSpAlgorithms 2 }
        
t11FcSpAuthNull OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_NONE algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 1 }
        
t11FcSpAuthNull OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_NONE algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 1 }
        
t11FcSpAuthHmacMd5L96 OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_HMAC_MD5_96 algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 2 }
        
t11FcSpAuthHmacMd5L96 OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_HMAC_MD5_96 algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 2 }
        
t11FcSpAuthHmacSha1L96 OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_HMAC_SHA1_96 algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 3 }
        
t11FcSpAuthHmacSha1L96 OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_HMAC_SHA1_96 algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 3 }
        
t11FcSpAuthHmacMd5L128 OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_HMAC_MD5_128 algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 4 }
        
t11FcSpAuthHmacMd5L128 OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The AUTH_HMAC_MD5_128 algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 72."
    ::= { t11FcSpAuthAlgorithms 4 }
        

t11FcSpAuthHmacSha1L160 OBJECT-IDENTITY STATUS current DESCRIPTION "The AUTH_HMAC_SHA1_160 algorithm." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, Table 72."

T11FCSPAUTHMACSHA1L160对象标识状态当前描述“AUTH_HMAC_SHA1_160算法”。参考“-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,表72。”

    ::= { t11FcSpAuthAlgorithms 5 }
        
    ::= { t11FcSpAuthAlgorithms 5 }
        
t11FcSpEncrNullAuthAesGmac OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_NULL_AUTH_AES_GMAC algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 6 }
        
t11FcSpEncrNullAuthAesGmac OBJECT-IDENTITY
    STATUS     current
    DESCRIPTION "The ENCR_NULL_AUTH_AES_GMAC algorithm."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 70."
    ::= { t11FcSpEncryptAlgorithms 6 }
        

END

终止

6.2. The T11-FC-SP-AUTHENTICATION-MIB Module
6.2. T11-FC-SP-AUTHENTICATION-MIB模块
--********************************************************************
-- FC-SP Authentication Protocols
--
        
--********************************************************************
-- FC-SP Authentication Protocols
--
        
T11-FC-SP-AUTHENTICATION-MIB  DEFINITIONS ::= BEGIN
        
T11-FC-SP-AUTHENTICATION-MIB  DEFINITIONS ::= BEGIN
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
    NOTIFICATION-TYPE,
    mib-2, Counter32, Unsigned32
                                      FROM SNMPv2-SMI  -- [RFC2578]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                                      FROM SNMPv2-CONF -- [RFC2580]
    StorageType, AutonomousType,
    TruthValue, TimeStamp             FROM SNMPv2-TC   -- [RFC2579]
    InterfaceIndex                    FROM IF-MIB      -- [RFC2863]
    fcmInstanceIndex,
    FcNameIdOrZero                    FROM FC-MGMT-MIB -- [RFC4044]
    t11FamLocalSwitchWwn
                       FROM T11-FC-FABRIC-ADDR-MGR-MIB -- [RFC4439]
    T11FabricIndex                    FROM T11-TC-MIB  -- [RFC4439]
    T11FcSpDhGroups,
    T11FcSpHashFunctions,
    T11FcSpSignFunctions,
    T11FcSpLifetimeLeft,
    T11FcSpLifetimeLeftUnits,
    T11FcSpAuthRejectReasonCode,
    T11FcSpAuthRejReasonCodeExp       FROM T11-FC-SP-TC-MIB;
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
    NOTIFICATION-TYPE,
    mib-2, Counter32, Unsigned32
                                      FROM SNMPv2-SMI  -- [RFC2578]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                                      FROM SNMPv2-CONF -- [RFC2580]
    StorageType, AutonomousType,
    TruthValue, TimeStamp             FROM SNMPv2-TC   -- [RFC2579]
    InterfaceIndex                    FROM IF-MIB      -- [RFC2863]
    fcmInstanceIndex,
    FcNameIdOrZero                    FROM FC-MGMT-MIB -- [RFC4044]
    t11FamLocalSwitchWwn
                       FROM T11-FC-FABRIC-ADDR-MGR-MIB -- [RFC4439]
    T11FabricIndex                    FROM T11-TC-MIB  -- [RFC4439]
    T11FcSpDhGroups,
    T11FcSpHashFunctions,
    T11FcSpSignFunctions,
    T11FcSpLifetimeLeft,
    T11FcSpLifetimeLeftUnits,
    T11FcSpAuthRejectReasonCode,
    T11FcSpAuthRejReasonCodeExp       FROM T11-FC-SP-TC-MIB;
        

t11FcSpAuthenticationMIB MODULE-IDENTITY LAST-UPDATED "200808200000Z" ORGANIZATION "This MIB module was developed through the

t11FcSpAuthenticationMIB模块-IDENTITY上次更新的“200808200000Z”组织“此MIB模块是通过

coordinated effort of two organizations: T11 began the development and the IETF (in the IMSS Working Group) finished it." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com

两个组织协调努力:T11开始开发,IETF(在IMSS工作组中)完成。“联系信息”Claudio DeSanti Cisco Systems,Inc.170 West Tasman Drive San Jose,CA 95134 USA电子邮件:cds@cisco.com

Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Email: kzm@cisco.com" DESCRIPTION "This MIB module specifies the management information required to manage the Authentication Protocols defined by Fibre Channel's FC-SP specification.

Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号邮编:95134电子邮件:kzm@cisco.com“说明”此MIB模块指定管理光纤通道FC-SP规范定义的身份验证协议所需的管理信息。

This MIB module defines three tables:

此MIB模块定义了三个表:

- t11FcSpAuEntityTable is a table of Fibre Channel entities that can be authenticated using FC-SP's Authentication Protocols.

- t11FcSpAuEntityTable是可以使用FC-SP的身份验证协议进行身份验证的光纤通道实体表。

- t11FcSpAuIfStatTable is a table with one row for each mapping of an Authentication entity onto an interface, containing statistics information.

- T11FCSAUIFSTATTABLE是一个表,其中身份验证实体到接口的每个映射都有一行,包含统计信息。

- t11FcSpAuRejectTable is a table of volatile information about FC-SP Authentication Protocol transactions that were most recently rejected.

- t11FcSpAuRejectTable是一个关于最近被拒绝的FC-SP身份验证协议事务的易失性信息表。

           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 176 }
        
           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 176 }
        
t11FcSpAuMIBNotifications
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 0 }
t11FcSpAuMIBObjects
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 1 }
t11FcSpAuMIBConformance
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 2 }
        
t11FcSpAuMIBNotifications
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 0 }
t11FcSpAuMIBObjects
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 1 }
t11FcSpAuMIBConformance
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 2 }
        
t11FcSpAuMIBIdentities
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 3 }
        
t11FcSpAuMIBIdentities
                   OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 3 }
        

-- -- OIDs defined for use as values of t11FcSpAuServerProtocol --

----定义用作t11FcSpAuServerProtocol值的OID--

t11FcSpAuServerProtocolRadius OBJECT-IDENTITY
    STATUS       current
    DESCRIPTION
           "This OID identifies RADIUS as the protocol used
           to communicate with an External Server as part of
           the process by which identities are verified.
           In this case, information about the RADIUS Servers
           is likely to be provided in radiusAuthServerExtTable
           defined in the RADIUS-AUTH-CLIENT-MIB."
    REFERENCE
           "radiusAuthServerExtTable in 'RADIUS Authentication
            Client MIB', RFC 4668, August 2006."
    ::= { t11FcSpAuMIBIdentities 1 }
        
t11FcSpAuServerProtocolRadius OBJECT-IDENTITY
    STATUS       current
    DESCRIPTION
           "This OID identifies RADIUS as the protocol used
           to communicate with an External Server as part of
           the process by which identities are verified.
           In this case, information about the RADIUS Servers
           is likely to be provided in radiusAuthServerExtTable
           defined in the RADIUS-AUTH-CLIENT-MIB."
    REFERENCE
           "radiusAuthServerExtTable in 'RADIUS Authentication
            Client MIB', RFC 4668, August 2006."
    ::= { t11FcSpAuMIBIdentities 1 }
        
t11FcSpAuServerProtocolDiameter OBJECT-IDENTITY
    STATUS       current
    DESCRIPTION
           "This OID identifies Diameter as the protocol used
           to communicate with an External Server as part of
           the process by which identities are verified."
    REFERENCE
           "RFC 3588, September 2003."
    ::= { t11FcSpAuMIBIdentities 2 }
        
t11FcSpAuServerProtocolDiameter OBJECT-IDENTITY
    STATUS       current
    DESCRIPTION
           "This OID identifies Diameter as the protocol used
           to communicate with an External Server as part of
           the process by which identities are verified."
    REFERENCE
           "RFC 3588, September 2003."
    ::= { t11FcSpAuMIBIdentities 2 }
        
t11FcSpAuServerProtocolTacacs OBJECT-IDENTITY
    STATUS       current
    DESCRIPTION
           "This OID identifies TACACS as the protocol used
           to communicate with an External Server as part of
           the process by which identities are verified."
    REFERENCE
           "RFC 1492, July 1993."
    ::= { t11FcSpAuMIBIdentities 3 }
        
t11FcSpAuServerProtocolTacacs OBJECT-IDENTITY
    STATUS       current
    DESCRIPTION
           "This OID identifies TACACS as the protocol used
           to communicate with an External Server as part of
           the process by which identities are verified."
    REFERENCE
           "RFC 1492, July 1993."
    ::= { t11FcSpAuMIBIdentities 3 }
        

-- -- Configuration for the Authentication Protocols --

----身份验证协议的配置--

t11FcSpAuEntityTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpAuEntityEntry MAX-ACCESS not-accessible

T11FcSpAuEntityEntry MAX-ACCESS的t11FcSpAuEntityTable对象类型语法序列不可访问

STATUS current DESCRIPTION "A table of Fibre Channel entities that can be authenticated using FC-SP's Authentication Protocols.

STATUS current DESCRIPTION“可使用FC-SP的身份验证协议进行身份验证的光纤通道实体表。

           The purpose of an FC-SP Authentication Protocol is to verify
           that a claimed name is associated with the claiming entity.
           The Authentication Protocols can be used to authenticate
           Nx_Ports, B_Ports, or Switches."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 3.2.25."
    ::= { t11FcSpAuMIBObjects 1 }
        
           The purpose of an FC-SP Authentication Protocol is to verify
           that a claimed name is associated with the claiming entity.
           The Authentication Protocols can be used to authenticate
           Nx_Ports, B_Ports, or Switches."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 3.2.25."
    ::= { t11FcSpAuMIBObjects 1 }
        
t11FcSpAuEntityEntry OBJECT-TYPE
    SYNTAX       T11FcSpAuEntityEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Information about the configuration and capabilities of an
           FC-SP entity (which is managed within the Fibre Channel
           management instance identified by fcmInstanceIndex) on a
           particular Fabric with respect to FC-SP's Authentication
           Protocols."
    INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
              t11FcSpAuFabricIndex }
    ::= { t11FcSpAuEntityTable 1 }
        
t11FcSpAuEntityEntry OBJECT-TYPE
    SYNTAX       T11FcSpAuEntityEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Information about the configuration and capabilities of an
           FC-SP entity (which is managed within the Fibre Channel
           management instance identified by fcmInstanceIndex) on a
           particular Fabric with respect to FC-SP's Authentication
           Protocols."
    INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
              t11FcSpAuFabricIndex }
    ::= { t11FcSpAuEntityTable 1 }
        
T11FcSpAuEntityEntry ::= SEQUENCE {
    t11FcSpAuEntityName             FcNameIdOrZero,
    t11FcSpAuFabricIndex            T11FabricIndex,
    t11FcSpAuServerProtocol         AutonomousType,
                                                   -- Config parameters
    t11FcSpAuStorageType            StorageType,
    t11FcSpAuSendRejNotifyEnable    TruthValue,
    t11FcSpAuRcvRejNotifyEnable     TruthValue,
    t11FcSpAuDefaultLifetime        T11FcSpLifetimeLeft,
    t11FcSpAuDefaultLifetimeUnits   T11FcSpLifetimeLeftUnits,
    t11FcSpAuRejectMaxRows          Unsigned32,
                                                   -- Capabilities
    t11FcSpAuDhChapHashFunctions    T11FcSpHashFunctions,
    t11FcSpAuDhChapDhGroups         T11FcSpDhGroups,
    t11FcSpAuFcapHashFunctions      T11FcSpHashFunctions,
    t11FcSpAuFcapCertsSignFunctions T11FcSpSignFunctions,
    t11FcSpAuFcapDhGroups           T11FcSpDhGroups,
    t11FcSpAuFcpapHashFunctions     T11FcSpHashFunctions,
    t11FcSpAuFcpapDhGroups          T11FcSpDhGroups
        
T11FcSpAuEntityEntry ::= SEQUENCE {
    t11FcSpAuEntityName             FcNameIdOrZero,
    t11FcSpAuFabricIndex            T11FabricIndex,
    t11FcSpAuServerProtocol         AutonomousType,
                                                   -- Config parameters
    t11FcSpAuStorageType            StorageType,
    t11FcSpAuSendRejNotifyEnable    TruthValue,
    t11FcSpAuRcvRejNotifyEnable     TruthValue,
    t11FcSpAuDefaultLifetime        T11FcSpLifetimeLeft,
    t11FcSpAuDefaultLifetimeUnits   T11FcSpLifetimeLeftUnits,
    t11FcSpAuRejectMaxRows          Unsigned32,
                                                   -- Capabilities
    t11FcSpAuDhChapHashFunctions    T11FcSpHashFunctions,
    t11FcSpAuDhChapDhGroups         T11FcSpDhGroups,
    t11FcSpAuFcapHashFunctions      T11FcSpHashFunctions,
    t11FcSpAuFcapCertsSignFunctions T11FcSpSignFunctions,
    t11FcSpAuFcapDhGroups           T11FcSpDhGroups,
    t11FcSpAuFcpapHashFunctions     T11FcSpHashFunctions,
    t11FcSpAuFcpapDhGroups          T11FcSpDhGroups
        

}

}

t11FcSpAuEntityName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name used to identify the FC-SP entity.

t11FcSpAuEntityName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前描述“用于标识FC-SP实体的名称。

           For entities that are Fibre Channel Switches, this value
           corresponds to the Switch's value of fcmSwitchWWN.  For
           entities other than Fibre Channel Switches, this value
           corresponds to the value of fcmInstanceWwn for the
           corresponding Fibre Channel management instance."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.3.
            - fcmInstanceWwn & fcmSwitchWWN,
              'Fibre Channel Management MIB', RFC 4044, May 2005."
    ::= { t11FcSpAuEntityEntry 1 }
        
           For entities that are Fibre Channel Switches, this value
           corresponds to the Switch's value of fcmSwitchWWN.  For
           entities other than Fibre Channel Switches, this value
           corresponds to the value of fcmInstanceWwn for the
           corresponding Fibre Channel management instance."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.3.
            - fcmInstanceWwn & fcmSwitchWWN,
              'Fibre Channel Management MIB', RFC 4044, May 2005."
    ::= { t11FcSpAuEntityEntry 1 }
        
t11FcSpAuFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a
           particular Fabric to which the entity is attached."
    ::= { t11FcSpAuEntityEntry 2 }
        
t11FcSpAuFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a
           particular Fabric to which the entity is attached."
    ::= { t11FcSpAuEntityEntry 2 }
        

t11FcSpAuServerProtocol OBJECT-TYPE SYNTAX AutonomousType MAX-ACCESS read-only STATUS current DESCRIPTION "The protocol, if any, used by the entity to communicate with a third party (i.e., an External Server) as part of the process by which it verifies DH-CHAP responses. For example, if the entity is using an external RADIUS server to verify DH-CHAP responses, then this object will have the value t11FcSpAuServerProtocolRadius.

t11FcSpAuServerProtocol对象类型语法AutonomousType MAX-ACCESS只读状态当前描述“实体用于与第三方(即外部服务器)通信的协议(如果有)作为验证DH-CHAP响应过程的一部分。例如,如果实体正在使用外部RADIUS服务器验证DH-CHAP响应,则此对象的值为t11FcSpAuServerProtocolRadius。

The value, zeroDotZero, is used to indicate that no protocol is being used to communicate with a third party to verify DH-CHAP responses.

值zeroDotZero用于指示未使用任何协议与第三方通信以验证DH-CHAP响应。

When no protocol is being used, or if the third party is

当没有使用协议时,或者如果第三方

           unreachable via the specified protocol, then locally
           configured information (if any) may be used instead."
    ::= { t11FcSpAuEntityEntry 3 }
        
           unreachable via the specified protocol, then locally
           configured information (if any) may be used instead."
    ::= { t11FcSpAuEntityEntry 3 }
        

t11FcSpAuStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the memory realization of configuration information related to an FC-SP Entity on a particular Fabric: specifically, for MIB objects in the row containing this object.

t11FcSpAuStorageType对象类型语法StorageType MAX-ACCESS读写状态当前描述“此对象指定与特定结构上FC-SP实体相关的配置信息的内存实现:特别是包含此对象的行中的MIB对象。

           Even if an instance of this object has the value
           'permanent(4)', none of the information in the
           corresponding row of this table needs to be writable."
    ::= { t11FcSpAuEntityEntry 4 }
        
           Even if an instance of this object has the value
           'permanent(4)', none of the information in the
           corresponding row of this table needs to be writable."
    ::= { t11FcSpAuEntityEntry 4 }
        

t11FcSpAuSendRejNotifyEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "An indication of whether or not the entity should issue t11FcSpAuRejectSentNotify notifications when sending AUTH_Reject/SW_RJT/LS_RJT to reject an AUTH message.

t11FcSpAuSendRejNotifyEnable对象类型语法TruthValue MAX-ACCESS读写状态当前描述”指示实体在发送AUTH_Reject/SW_RJT/LS_RJT以拒绝AUTH消息时是否应发出t11FcSpAuRejectSentNotify通知。

           If the value of the object is 'true', then this type of
           notification is generated.  If the value is 'false',
           this type of notification is not generated."
    DEFVAL { false }
    ::= { t11FcSpAuEntityEntry 5 }
        
           If the value of the object is 'true', then this type of
           notification is generated.  If the value is 'false',
           this type of notification is not generated."
    DEFVAL { false }
    ::= { t11FcSpAuEntityEntry 5 }
        

t11FcSpAuRcvRejNotifyEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "An indication of whether or not the entity should issue t11FcSpAuRejectReceivedNotify notifications on the receipt of AUTH_Reject/SW_RJT/LS_RJT messages.

t11FcSpAuRcvRejNotifyEnable对象类型语法TruthValue MAX-ACCESS读写状态当前描述“指示实体是否应在收到验证拒绝/软件RJT/LS RJT消息时发出t11FcSpAuRejectReceivedNotify通知。

           If the value of the object is 'true', then this type of
           notification is generated.  If the value is 'false',
           this type of notification is not generated."
    DEFVAL { false }
    ::= { t11FcSpAuEntityEntry 6 }
        
           If the value of the object is 'true', then this type of
           notification is generated.  If the value is 'false',
           this type of notification is not generated."
    DEFVAL { false }
    ::= { t11FcSpAuEntityEntry 6 }
        

t11FcSpAuDefaultLifetime OBJECT-TYPE SYNTAX T11FcSpLifetimeLeft MAX-ACCESS read-write STATUS current DESCRIPTION "When the value of this object is non-zero, it specifies the default value of a lifetime, specified in units given by the corresponding instance of t11FcSpAuDefaultLifetimeUnits. This default lifetime is to be used for any Security Association that has no explicitly specified value for its lifetime.

t11FcSpAuDefaultLifetime对象类型语法T11FcSpLifetimeLeft最大访问读写状态当前说明当此对象的值为非零时,它指定生存期的默认值,以t11FcSpAuDefaultLifetimeUnits的相应实例给定的单位指定。此默认生存期将用于没有明确指定生存期值的任何安全关联。

An SA's lifetime is either the time interval or the number of passed bytes, after which the SA has to be terminated and (if necessary) replaced with a new SA.

SA的生存期是时间间隔或传递的字节数,在此时间间隔或字节数之后,SA必须终止并(如有必要)替换为新SA。

           If this object is zero, then there is no default value for
           lifetime."
    DEFVAL       { 28800 }         -- 8 hours (in units of seconds)
     ::= { t11FcSpAuEntityEntry 7 }
        
           If this object is zero, then there is no default value for
           lifetime."
    DEFVAL       { 28800 }         -- 8 hours (in units of seconds)
     ::= { t11FcSpAuEntityEntry 7 }
        
t11FcSpAuDefaultLifetimeUnits OBJECT-TYPE
    SYNTAX       T11FcSpLifetimeLeftUnits
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "The units in which the value of the corresponding
           instance of t11FcSpAuDefaultLifetime specifies a
           default lifetime for a Security Association that has
           no explicitly-specified value for its lifetime."
    DEFVAL       { seconds }
    ::= { t11FcSpAuEntityEntry 8 }
        
t11FcSpAuDefaultLifetimeUnits OBJECT-TYPE
    SYNTAX       T11FcSpLifetimeLeftUnits
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "The units in which the value of the corresponding
           instance of t11FcSpAuDefaultLifetime specifies a
           default lifetime for a Security Association that has
           no explicitly-specified value for its lifetime."
    DEFVAL       { seconds }
    ::= { t11FcSpAuEntityEntry 8 }
        

t11FcSpAuRejectMaxRows OBJECT-TYPE SYNTAX Unsigned32 (0..1000) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of rows in the t11FcSpAuRejectTable for this entity on this Fabric. If and when an AUTH message is rejected, and the t11FcSpAuRejectTable already contains this maximum number of rows for the specific entity and Fabric, the row containing the oldest information is discarded and replaced by a row containing information about the new rejection.

t11FcSpAuRejectMaxRows对象类型语法Unsigned32(0..1000)最大访问读写状态当前说明“此结构上此实体的T11FCSPaureject表中的最大行数。如果拒绝验证消息,并且t11FcSpAuRejectTable已包含特定实体和结构的最大行数,则包含最旧信息的行将被丢弃,并替换为包含新拒绝信息的行。

There will be less than this maximum number of rows in the t11FcSpAuRejectTable in exceptional circumstances,

在异常情况下,t11FcSpAuRejectTable中的行数将小于此最大值,

e.g., after an agent restart.

e、 例如,在代理重新启动后。

           In an implementation that does not support the
           t11FcSpAuRejectTable, this object will always be zero."
    ::= { t11FcSpAuEntityEntry 9 }
        
           In an implementation that does not support the
           t11FcSpAuRejectTable, this object will always be zero."
    ::= { t11FcSpAuEntityEntry 9 }
        
t11FcSpAuDhChapHashFunctions OBJECT-TYPE
    SYNTAX     T11FcSpHashFunctions
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The hash functions that the entity supports when using
           the DH-CHAP algorithm."
    ::= { t11FcSpAuEntityEntry 10 }
        
t11FcSpAuDhChapHashFunctions OBJECT-TYPE
    SYNTAX     T11FcSpHashFunctions
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The hash functions that the entity supports when using
           the DH-CHAP algorithm."
    ::= { t11FcSpAuEntityEntry 10 }
        
t11FcSpAuDhChapDhGroups OBJECT-TYPE
    SYNTAX     T11FcSpDhGroups
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The DH Groups that the entity supports when using the
           DH-CHAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 11 }
        
t11FcSpAuDhChapDhGroups OBJECT-TYPE
    SYNTAX     T11FcSpDhGroups
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The DH Groups that the entity supports when using the
           DH-CHAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 11 }
        
t11FcSpAuFcapHashFunctions OBJECT-TYPE
    SYNTAX     T11FcSpHashFunctions
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The hash functions that the entity supports when
           specified as Protocol Parameters in the AUTH_Negotiate
           message for FCAP in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.5.2.1 and table 28."
    ::= { t11FcSpAuEntityEntry 12 }
        
t11FcSpAuFcapHashFunctions OBJECT-TYPE
    SYNTAX     T11FcSpHashFunctions
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The hash functions that the entity supports when
           specified as Protocol Parameters in the AUTH_Negotiate
           message for FCAP in FC-SP."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.5.2.1 and table 28."
    ::= { t11FcSpAuEntityEntry 12 }
        

t11FcSpAuFcapCertsSignFunctions OBJECT-TYPE SYNTAX T11FcSpSignFunctions MAX-ACCESS read-only STATUS current DESCRIPTION "The signature functions used within certificates that the entity supports when using FCAP in FC-SP." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP),

t11FcSpAuFcapCertsSignFunctions对象类型语法T11FcSpSignFunctions MAX-ACCESS只读状态当前说明“实体在FC-SP中使用FCAP时支持的证书中使用的签名函数。”参考“-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),

              February 2007, section 5.5.4.2 and tables 38 & 39."
    ::= { t11FcSpAuEntityEntry 13 }
        
              February 2007, section 5.5.4.2 and tables 38 & 39."
    ::= { t11FcSpAuEntityEntry 13 }
        
t11FcSpAuFcapDhGroups OBJECT-TYPE
    SYNTAX     T11FcSpDhGroups
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The DH Groups that the entity supports when using the
           FCAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 14 }
        
t11FcSpAuFcapDhGroups OBJECT-TYPE
    SYNTAX     T11FcSpDhGroups
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The DH Groups that the entity supports when using the
           FCAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 14 }
        
t11FcSpAuFcpapHashFunctions OBJECT-TYPE
    SYNTAX     T11FcSpHashFunctions
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The hash functions that the entity supports when using
           the FCPAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 15 }
        
t11FcSpAuFcpapHashFunctions OBJECT-TYPE
    SYNTAX     T11FcSpHashFunctions
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The hash functions that the entity supports when using
           the FCPAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 15 }
        
t11FcSpAuFcpapDhGroups OBJECT-TYPE
    SYNTAX     T11FcSpDhGroups
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The DH Groups that the entity supports when using the
           FCPAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 16 }
        
t11FcSpAuFcpapDhGroups OBJECT-TYPE
    SYNTAX     T11FcSpDhGroups
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The DH Groups that the entity supports when using the
           FCPAP algorithm in FC-SP."
    ::= { t11FcSpAuEntityEntry 16 }
        
--
-- The Mapping of Authentication Entities onto Interfaces
-- and Statistics
--
        
--
-- The Mapping of Authentication Entities onto Interfaces
-- and Statistics
--
        

t11FcSpAuIfStatTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpAuIfStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each FC-SP Authentication entity can operate on one or more interfaces, but at most one of them can operate on each interface. A row in this table exists for each interface to each Fabric on which each Authentication entity operates.

T11FCSAUIFSTATTABLE T11FCSAUIFSTATENTRY MAX-ACCESS的对象类型语法序列不可访问状态当前描述“每个FC-SP身份验证实体可以在一个或多个接口上运行,但最多一个实体可以在每个接口上运行。对于每个身份验证实体操作的每个结构的每个接口,此表中都有一行。

           The objects within this table contain statistics information
           related to FC-SP's Authentication Protocols."
    ::= { t11FcSpAuMIBObjects 2 }
        
           The objects within this table contain statistics information
           related to FC-SP's Authentication Protocols."
    ::= { t11FcSpAuMIBObjects 2 }
        
t11FcSpAuIfStatEntry OBJECT-TYPE
    SYNTAX       T11FcSpAuIfStatEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of Authentication Protocols statistics for an FC-SP
           Authentication entity (identified by t11FcSpAuEntityName) on
           one of its interfaces to a particular Fabric, which is
           managed within the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
              t11FcSpAuIfStatInterfaceIndex,
              t11FcSpAuIfStatFabricIndex }
    ::= { t11FcSpAuIfStatTable 1 }
        
t11FcSpAuIfStatEntry OBJECT-TYPE
    SYNTAX       T11FcSpAuIfStatEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of Authentication Protocols statistics for an FC-SP
           Authentication entity (identified by t11FcSpAuEntityName) on
           one of its interfaces to a particular Fabric, which is
           managed within the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
              t11FcSpAuIfStatInterfaceIndex,
              t11FcSpAuIfStatFabricIndex }
    ::= { t11FcSpAuIfStatTable 1 }
        
T11FcSpAuIfStatEntry ::= SEQUENCE {
    t11FcSpAuIfStatInterfaceIndex        InterfaceIndex,
    t11FcSpAuIfStatFabricIndex           T11FabricIndex,
    t11FcSpAuIfStatTimeouts              Counter32,
    t11FcSpAuIfStatInAcceptedMsgs        Counter32,
    t11FcSpAuIfStatInLsSwRejectedMsgs    Counter32,
    t11FcSpAuIfStatInAuthRejectedMsgs    Counter32,
    t11FcSpAuIfStatOutAcceptedMsgs       Counter32,
    t11FcSpAuIfStatOutLsSwRejectedMsgs   Counter32,
    t11FcSpAuIfStatOutAuthRejectedMsgs   Counter32
}
        
T11FcSpAuIfStatEntry ::= SEQUENCE {
    t11FcSpAuIfStatInterfaceIndex        InterfaceIndex,
    t11FcSpAuIfStatFabricIndex           T11FabricIndex,
    t11FcSpAuIfStatTimeouts              Counter32,
    t11FcSpAuIfStatInAcceptedMsgs        Counter32,
    t11FcSpAuIfStatInLsSwRejectedMsgs    Counter32,
    t11FcSpAuIfStatInAuthRejectedMsgs    Counter32,
    t11FcSpAuIfStatOutAcceptedMsgs       Counter32,
    t11FcSpAuIfStatOutLsSwRejectedMsgs   Counter32,
    t11FcSpAuIfStatOutAuthRejectedMsgs   Counter32
}
        
t11FcSpAuIfStatInterfaceIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The interface on which the FC-SP Authentication entity
           operates and for which the statistics are collected."
    ::= { t11FcSpAuIfStatEntry 1 }
        
t11FcSpAuIfStatInterfaceIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The interface on which the FC-SP Authentication entity
           operates and for which the statistics are collected."
    ::= { t11FcSpAuIfStatEntry 1 }
        
t11FcSpAuIfStatFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value identifying the particular Fabric for
           which the statistics are collected."
    ::= { t11FcSpAuIfStatEntry 2 }
        
t11FcSpAuIfStatFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value identifying the particular Fabric for
           which the statistics are collected."
    ::= { t11FcSpAuIfStatEntry 2 }
        

t11FcSpAuIfStatTimeouts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only

t11FcSpAuIfStatTimeouts对象类型语法计数器32 MAX-ACCESS只读

STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages sent by the particular entity on the particular Fabric on the particular interface, for which no response was received within a timeout period.

STATUS current DESCRIPTION“特定实体在特定接口的特定结构上发送的FC-SP身份验证协议消息数,在超时期间未收到响应。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.11."
    ::= { t11FcSpAuIfStatEntry 3 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.11."
    ::= { t11FcSpAuIfStatEntry 3 }
        

t11FcSpAuIfStatInAcceptedMsgs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages received and accepted by the particular entity on the particular Fabric on the particular interface.

T11FCSAUIFStationAcceptedMSGS对象类型语法计数器32 MAX-ACCESS只读状态当前描述“特定接口上特定结构上特定实体接收和接受的FC-SP身份验证协议消息数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 4 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 4 }
        

t11FcSpAuIfStatInLsSwRejectedMsgs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages received by the particular entity on the particular Fabric on the particular interface, and rejected by a lower-level (SW_RJT or LS_RJT) reject.

t11FcSpAuIfStatInLsSwRejectedMsgs对象类型语法计数器32 MAX-ACCESS只读状态当前描述“特定实体在特定接口上的特定结构上接收的FC-SP身份验证协议消息数,并被较低级别(SW_RJT或LS_RJT)reject拒绝。

This counter has no discontinuities other than those that all Counter32's have when sysUpTime=0." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, section 5.1."

除sysUpTime=0时所有计数器32的中断外,该计数器没有其他中断。“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,第5.1节。”

    ::= { t11FcSpAuIfStatEntry 5 }
        
    ::= { t11FcSpAuIfStatEntry 5 }
        

t11FcSpAuIfStatInAuthRejectedMsgs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages received by the particular entity on the particular Fabric on the particular interface, and rejected by an AUTH_Reject message.

t11FcSpAuIfStatInAuthRejectedMsgs对象类型语法计数器32 MAX-ACCESS只读状态当前描述“特定实体在特定接口上的特定结构上接收的FC-SP身份验证协议消息数,并被AUTH_拒绝消息拒绝。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 6 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 6 }
        

t11FcSpAuIfStatOutAcceptedMsgs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages sent by the particular entity on the particular Fabric on the particular interface, which were accepted by the neighboring entity, i.e., not rejected by an AUTH_Reject message, nor by a lower-level (SW_RJT or LS_RJT) reject.

T11FCSPAUIFSTATOUCEPTEDMSGS对象类型语法计数器32 MAX-ACCESS只读状态当前说明“由特定实体在特定接口上的特定结构上发送的FC-SP身份验证协议消息数,该消息被相邻实体接受,即未被身份验证拒绝消息拒绝,也未被较低级别(SW_RJT或LS_RJT)拒绝。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 7 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 7 }
        

t11FcSpAuIfStatOutLsSwRejectedMsgs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages sent by the particular entity on the particular Fabric on the particular interface, which were rejected by a lower-level (SW_RJT or LS_RJT) reject.

T11FCSPAUIFSTATOUTTLSSWREJECTEDMSGS对象类型语法计数器32 MAX-ACCESS只读状态当前描述“特定实体在特定接口上的特定结构上发送的FC-SP身份验证协议消息数,被较低级别(SW_RJT或LS_RJT)拒绝。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 8 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 8 }
        

t11FcSpAuIfStatOutAuthRejectedMsgs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Authentication Protocol messages sent by the particular entity on the particular Fabric on the particular interface, which were rejected by an AUTH_Reject message.

T11FCSPAUIFSTATOUTHTHUTHREJECTEDMSGS对象类型语法计数器32 MAX-ACCESS只读状态当前说明“特定实体在特定接口上的特定结构上发送的FC-SP身份验证协议消息数,这些消息被身份验证拒绝消息拒绝。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 9 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.1."
    ::= { t11FcSpAuIfStatEntry 9 }
        
--
-- Information about Authentication Protocol Transactions
-- which were recently rejected
--
        
--
-- Information about Authentication Protocol Transactions
-- which were recently rejected
--
        

t11FcSpAuRejectTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpAuRejectEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of volatile information about FC-SP Authentication Protocol transactions that were recently rejected with an AUTH_Reject message, or with an SW_RJT/LS_RJT.

t11FcSpAuRejectTable T11FcSpAuRejectEntry的对象类型语法序列MAX-ACCESS不可访问状态当前描述“有关最近被AUTH_Reject消息或SW_RJT/LS_RJT拒绝的FC-SP身份验证协议事务的易失性信息表。

The maximum number of rows in this table for a specific entity on a specific Fabric is given by the value of the corresponding instance of t11FcSpAuRejectMaxRows.

此表中特定结构上特定实体的最大行数由t11FcSpAuRejectMaxRows的对应实例的值给出。

The syntax of t11FcSpAuRejTimestamp is TimeStamp, and thus its value rolls over to zero after approximately 497 days. To avoid any confusion due to such a rollover, rows should be deleted from this table before they are 497 days old.

t11FcSpAuRejTimestamp的语法是TimeStamp,因此它的值在大约497天后会滚到零。为了避免由于这种滚动而引起的任何混乱,应该在497天之前删除此表中的行。

           This table will be empty if no AUTH_Reject messages,
           nor any SW_RJT/LS_RJT's rejecting an AUTH message,
           have been sent or received since the last
           re-initialization of the agent."
    ::= { t11FcSpAuMIBObjects 3 }
        
           This table will be empty if no AUTH_Reject messages,
           nor any SW_RJT/LS_RJT's rejecting an AUTH message,
           have been sent or received since the last
           re-initialization of the agent."
    ::= { t11FcSpAuMIBObjects 3 }
        
t11FcSpAuRejectEntry OBJECT-TYPE
    SYNTAX       T11FcSpAuRejectEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Information about one AUTH message (either an
           AUTH_ELS or an AUTH_ILS) that was rejected with an
           AUTH_Reject, SW_RJT or LS_RJT message, sent/received by
           the entity identified by values of fcmInstanceIndex and
           t11FcSpAuEntityName, on an interface to a particular
           Fabric."
    INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
              t11FcSpAuRejInterfaceIndex, t11FcSpAuRejFabricIndex,
              t11FcSpAuRejTimestamp }
    ::= { t11FcSpAuRejectTable 1 }
        
t11FcSpAuRejectEntry OBJECT-TYPE
    SYNTAX       T11FcSpAuRejectEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Information about one AUTH message (either an
           AUTH_ELS or an AUTH_ILS) that was rejected with an
           AUTH_Reject, SW_RJT or LS_RJT message, sent/received by
           the entity identified by values of fcmInstanceIndex and
           t11FcSpAuEntityName, on an interface to a particular
           Fabric."
    INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
              t11FcSpAuRejInterfaceIndex, t11FcSpAuRejFabricIndex,
              t11FcSpAuRejTimestamp }
    ::= { t11FcSpAuRejectTable 1 }
        
T11FcSpAuRejectEntry ::= SEQUENCE {
    t11FcSpAuRejInterfaceIndex        InterfaceIndex,
    t11FcSpAuRejFabricIndex           T11FabricIndex,
    t11FcSpAuRejTimestamp             TimeStamp,
    t11FcSpAuRejDirection             INTEGER,
    t11FcSpAuRejType                  INTEGER,
    t11FcSpAuRejAuthMsgString         OCTET STRING,
    t11FcSpAuRejReasonCode            T11FcSpAuthRejectReasonCode,
    t11FcSpAuRejReasonCodeExp         T11FcSpAuthRejReasonCodeExp
}
        
T11FcSpAuRejectEntry ::= SEQUENCE {
    t11FcSpAuRejInterfaceIndex        InterfaceIndex,
    t11FcSpAuRejFabricIndex           T11FabricIndex,
    t11FcSpAuRejTimestamp             TimeStamp,
    t11FcSpAuRejDirection             INTEGER,
    t11FcSpAuRejType                  INTEGER,
    t11FcSpAuRejAuthMsgString         OCTET STRING,
    t11FcSpAuRejReasonCode            T11FcSpAuthRejectReasonCode,
    t11FcSpAuRejReasonCodeExp         T11FcSpAuthRejReasonCodeExp
}
        
t11FcSpAuRejInterfaceIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The interface on which the rejected AUTH message was
           sent or received."
    ::= { t11FcSpAuRejectEntry 1 }
        
t11FcSpAuRejInterfaceIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The interface on which the rejected AUTH message was
           sent or received."
    ::= { t11FcSpAuRejectEntry 1 }
        

t11FcSpAuRejFabricIndex OBJECT-TYPE SYNTAX T11FabricIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value identifying the particular Fabric on

t11FcSpAuRejFabricIndex对象类型语法T11FabricIndex MAX-ACCESS不可访问状态当前描述“标识上特定结构的索引值”

           which the rejected AUTH message was sent or received."
    ::= { t11FcSpAuRejectEntry 2 }
        
           which the rejected AUTH message was sent or received."
    ::= { t11FcSpAuRejectEntry 2 }
        
t11FcSpAuRejTimestamp OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The time at which the AUTH message was rejected.  If two
           rows have the same value of this object for the same
           entity on the same interface and Fabric, the value of
           this object for the later one is incremented by one."
    ::= { t11FcSpAuRejectEntry 3 }
        
t11FcSpAuRejTimestamp OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The time at which the AUTH message was rejected.  If two
           rows have the same value of this object for the same
           entity on the same interface and Fabric, the value of
           this object for the later one is incremented by one."
    ::= { t11FcSpAuRejectEntry 3 }
        

t11FcSpAuRejDirection OBJECT-TYPE SYNTAX INTEGER { sent(1), received(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "An indication of whether the rejection was sent or received by the identified entity.

t11FcSpAuRejDirection对象类型语法整数{sent(1),received(2)}MAX-ACCESS只读状态当前描述“指示拒绝是由标识的实体发送还是接收的。

           The value 'sent(1)' corresponds to a notification of
           type t11FcSpAuRejectSentNotify; the value 'received(2)'
           corresponds to t11FcSpAuRejectReceivedNotify."
    ::= { t11FcSpAuRejectEntry 4 }
        
           The value 'sent(1)' corresponds to a notification of
           type t11FcSpAuRejectSentNotify; the value 'received(2)'
           corresponds to t11FcSpAuRejectReceivedNotify."
    ::= { t11FcSpAuRejectEntry 4 }
        
t11FcSpAuRejType OBJECT-TYPE
    SYNTAX       INTEGER {
                     authReject(1),
                     swRjt(2),
                     lsRjt(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "An indication of whether the rejection was an
           AUTH_Reject, an SW_RJT or an LS_RJT."
    ::= { t11FcSpAuRejectEntry 5 }
        
t11FcSpAuRejType OBJECT-TYPE
    SYNTAX       INTEGER {
                     authReject(1),
                     swRjt(2),
                     lsRjt(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "An indication of whether the rejection was an
           AUTH_Reject, an SW_RJT or an LS_RJT."
    ::= { t11FcSpAuRejectEntry 5 }
        

t11FcSpAuRejAuthMsgString OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The binary content of the AUTH message that was rejected, formatted as an octet string (in network byte order) containing the content of the message.

t11FcSpAuRejAuthMsgString对象类型语法八位字节字符串(大小(0..255))MAX-ACCESS只读状态当前描述“被拒绝的身份验证消息的二进制内容,格式为包含消息内容的八位字节字符串(按网络字节顺序)。

If the binary content is unavailable, then the length is zero. Otherwise, the first octet of the message identifies the type of message:

如果二进制内容不可用,则长度为零。否则,消息的第一个八位组将标识消息的类型:

'90'h - an AUTH_ELS, see Table 6 in FC-SP, '40'h - an AUTH_ILS, see Table 3 in FC-SP, or '41'h - an B_AUTH_ILS, see Table 5 in FC-SP.

“90”h-认证,见FC-SP中的表6,“40”h-认证,见FC-SP中的表3,或“41”h-认证,见FC-SP中的表5。

           and the remainder of the message may be truncated."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Tables 3, 5 and 6."
    ::= { t11FcSpAuRejectEntry 6 }
        
           and the remainder of the message may be truncated."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Tables 3, 5 and 6."
    ::= { t11FcSpAuRejectEntry 6 }
        
t11FcSpAuRejReasonCode OBJECT-TYPE
    SYNTAX       T11FcSpAuthRejectReasonCode
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The reason code with which this AUTH message was
           rejected."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 17, 48, 52."
    ::= { t11FcSpAuRejectEntry 7 }
        
t11FcSpAuRejReasonCode OBJECT-TYPE
    SYNTAX       T11FcSpAuthRejectReasonCode
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The reason code with which this AUTH message was
           rejected."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 17, 48, 52."
    ::= { t11FcSpAuRejectEntry 7 }
        
t11FcSpAuRejReasonCodeExp OBJECT-TYPE
    SYNTAX       T11FcSpAuthRejReasonCodeExp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The reason code explanation with which this AUTH
           message was rejected."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 17, 48, 52."
    ::= { t11FcSpAuRejectEntry 8 }
        
t11FcSpAuRejReasonCodeExp OBJECT-TYPE
    SYNTAX       T11FcSpAuthRejReasonCodeExp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The reason code explanation with which this AUTH
           message was rejected."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 17, 48, 52."
    ::= { t11FcSpAuRejectEntry 8 }
        

-- -- Notifications --

----通知--

t11FcSpAuRejectSentNotify NOTIFICATION-TYPE OBJECTS { t11FamLocalSwitchWwn, t11FcSpAuRejAuthMsgString,

t11FcSpAuRejectSentNotify通知类型对象{t11FamLocalSwitchWwn,t11FcSpAuRejAuthMsgString,

t11FcSpAuRejType, t11FcSpAuRejReasonCode, t11FcSpAuRejReasonCodeExp } STATUS current DESCRIPTION "This notification indicates that a Switch (identified by the value of t11FamLocalSwitchWwn) has sent a reject message of the type indicated by t11FcSpAuRejType in response to an AUTH message.

t11FcSpAuRejType、t11FcSpAuRejReasonCode、T11FCSPaurejReasonCodeXP}状态当前描述“此通知表示交换机(由t11FamLocalSwitchWwn值标识)已发送t11FcSpAuRejType指示类型的拒绝消息,以响应身份验证消息。

           The content of the rejected AUTH message is given by the
           value of t11FcSpAuRejAuthMsgString.  The values of the
           Reason Code and Reason Code Explanation in the
           AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
           t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
    ::= { t11FcSpAuMIBNotifications 1 }
        
           The content of the rejected AUTH message is given by the
           value of t11FcSpAuRejAuthMsgString.  The values of the
           Reason Code and Reason Code Explanation in the
           AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
           t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
    ::= { t11FcSpAuMIBNotifications 1 }
        

t11FcSpAuRejectReceivedNotify NOTIFICATION-TYPE OBJECTS { t11FamLocalSwitchWwn, t11FcSpAuRejAuthMsgString, t11FcSpAuRejType, t11FcSpAuRejReasonCode, t11FcSpAuRejReasonCodeExp } STATUS current DESCRIPTION "This notification indicates that a Switch (identified by the value of t11FamLocalSwitchWwn) has received a reject message of the type indicated by t11FcSpAuRejType in response to an AUTH message.

t11FcSpAuRejectReceivedNotify通知类型对象{t11FamLocalSwitchWwn,t11FcSpAuRejAuthMsgString,t11FcSpAuRejType,t11FcSpAuRejReasonCode,T11FCSPaureJReasoncodeXP}状态当前描述“此通知指示开关(由t11FamLocalSwitchWwn的值标识)已收到t11FcSpAuRejType指示类型的拒绝消息,以响应身份验证消息。

           The content of the rejected AUTH message is given by the
           value of t11FcSpAuRejAuthMsgString.  The values of the
           Reason Code and Reason Code Explanation in the
           AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
           t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
    ::= { t11FcSpAuMIBNotifications 2 }
        
           The content of the rejected AUTH message is given by the
           value of t11FcSpAuRejAuthMsgString.  The values of the
           Reason Code and Reason Code Explanation in the
           AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
           t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
    ::= { t11FcSpAuMIBNotifications 2 }
        

-- -- Conformance --

----一致性--

t11FcSpAuMIBCompliances
                  OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 1 }
t11FcSpAuMIBGroups
                  OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 2 }
        
t11FcSpAuMIBCompliances
                  OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 1 }
t11FcSpAuMIBGroups
                  OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 2 }
        

t11FcSpAuMIBCompliance MODULE-COMPLIANCE STATUS current

T11FCSPAUMIB合规模块-合规状态当前

DESCRIPTION "The compliance statement for entities that implement one or more of the Authentication Protocols defined in FC-SP."

描述“实施FC-SP中定义的一个或多个身份验证协议的实体的合规性声明。”

MODULE -- this module MANDATORY-GROUPS { t11FcSpAuGeneralGroup, t11FcSpAuRejectedGroup, t11FcSpAuNotificationGroup }

模块--此模块为必填组{t11FcSpAuGeneralGroup,t11FcSpAuRejectedGroup,t11FcSpAuNotificationGroup}

GROUP t11FcSpAuIfStatsGroup DESCRIPTION "These counters, of particular FC-SP messages and events, are mandatory only for those systems that count such messages/events."

组t11FcSpAuIfStatsGroup DESCRIPTION“这些计数器,特别是FC-SP消息和事件,仅对统计此类消息/事件的系统是必需的。”

-- Write access is not required for any objects in this MIB module:

--此MIB模块中的任何对象都不需要写访问权限:

OBJECT t11FcSpAuStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpAuStorageType MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpAuSendRejNotifyEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpAuSendRejNotifyEnable最小访问只读说明“不需要写访问。”

OBJECT t11FcSpAuRcvRejNotifyEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpAuRcvRejNotifyEnable最小访问只读说明“不需要写访问。”

OBJECT t11FcSpAuDefaultLifetime MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpAuDefaultLifetime最小访问只读描述“不需要写访问。”

OBJECT t11FcSpAuDefaultLifetimeUnits MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpAuDefaultLifetimeUnits最小访问只读说明“不需要写访问。”

OBJECT t11FcSpAuRejectMaxRows MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpAuRejectMaxRows最小访问只读描述“不需要写访问。”

        ::= { t11FcSpAuMIBCompliances 1 }
        
        ::= { t11FcSpAuMIBCompliances 1 }
        

-- Units of Conformance

--一致性单位

t11FcSpAuGeneralGroup OBJECT-GROUP
    OBJECTS  { t11FcSpAuServerProtocol,
               t11FcSpAuStorageType,
               t11FcSpAuSendRejNotifyEnable,
               t11FcSpAuRcvRejNotifyEnable,
               t11FcSpAuDefaultLifetime,
               t11FcSpAuDefaultLifetimeUnits,
               t11FcSpAuRejectMaxRows,
               t11FcSpAuDhChapHashFunctions,
               t11FcSpAuDhChapDhGroups,
               t11FcSpAuFcapHashFunctions,
               t11FcSpAuFcapCertsSignFunctions,
               t11FcSpAuFcapDhGroups,
               t11FcSpAuFcpapHashFunctions,
               t11FcSpAuFcpapDhGroups,
               t11FcSpAuIfStatTimeouts }
    STATUS   current
    DESCRIPTION
           "A collection of objects for the capabilities and
           configuration parameters of FC-SP's Authentication
           Protocols.  The inclusion of t11FcSpAuIfStatTimeouts
           in this group provides information on mappings of
           Authentication entities onto interfaces."
    ::= { t11FcSpAuMIBGroups 1 }
        
t11FcSpAuGeneralGroup OBJECT-GROUP
    OBJECTS  { t11FcSpAuServerProtocol,
               t11FcSpAuStorageType,
               t11FcSpAuSendRejNotifyEnable,
               t11FcSpAuRcvRejNotifyEnable,
               t11FcSpAuDefaultLifetime,
               t11FcSpAuDefaultLifetimeUnits,
               t11FcSpAuRejectMaxRows,
               t11FcSpAuDhChapHashFunctions,
               t11FcSpAuDhChapDhGroups,
               t11FcSpAuFcapHashFunctions,
               t11FcSpAuFcapCertsSignFunctions,
               t11FcSpAuFcapDhGroups,
               t11FcSpAuFcpapHashFunctions,
               t11FcSpAuFcpapDhGroups,
               t11FcSpAuIfStatTimeouts }
    STATUS   current
    DESCRIPTION
           "A collection of objects for the capabilities and
           configuration parameters of FC-SP's Authentication
           Protocols.  The inclusion of t11FcSpAuIfStatTimeouts
           in this group provides information on mappings of
           Authentication entities onto interfaces."
    ::= { t11FcSpAuMIBGroups 1 }
        
t11FcSpAuIfStatsGroup OBJECT-GROUP
    OBJECTS  { t11FcSpAuIfStatInAcceptedMsgs,
               t11FcSpAuIfStatInLsSwRejectedMsgs,
               t11FcSpAuIfStatInAuthRejectedMsgs,
               t11FcSpAuIfStatOutAcceptedMsgs,
               t11FcSpAuIfStatOutLsSwRejectedMsgs,
               t11FcSpAuIfStatOutAuthRejectedMsgs }
    STATUS   current
    DESCRIPTION
           "A collection of objects for monitoring the
           operations of FC-SP's Authentication Protocols."
    ::= { t11FcSpAuMIBGroups 2 }
        
t11FcSpAuIfStatsGroup OBJECT-GROUP
    OBJECTS  { t11FcSpAuIfStatInAcceptedMsgs,
               t11FcSpAuIfStatInLsSwRejectedMsgs,
               t11FcSpAuIfStatInAuthRejectedMsgs,
               t11FcSpAuIfStatOutAcceptedMsgs,
               t11FcSpAuIfStatOutLsSwRejectedMsgs,
               t11FcSpAuIfStatOutAuthRejectedMsgs }
    STATUS   current
    DESCRIPTION
           "A collection of objects for monitoring the
           operations of FC-SP's Authentication Protocols."
    ::= { t11FcSpAuMIBGroups 2 }
        

t11FcSpAuRejectedGroup OBJECT-GROUP OBJECTS { t11FcSpAuRejDirection, t11FcSpAuRejType, t11FcSpAuRejAuthMsgString, t11FcSpAuRejReasonCode, t11FcSpAuRejReasonCodeExp }

t11FcSpAuRejectedGroup对象组对象{t11FcSpAuRejDirection,t11FcSpAuRejType,t11FcSpAuRejAuthMsgString,t11FcSpAuRejReasonCode,T11FCSPaurejReasoncodeXP}

    STATUS   current
    DESCRIPTION
           "A collection of objects holding information concerning
           FC-SP Authentication Protocol transactions that were
           recently rejected with an AUTH_Reject, with an SW_RJT,
           or with an LS_RJT."
    ::= { t11FcSpAuMIBGroups 3 }
        
    STATUS   current
    DESCRIPTION
           "A collection of objects holding information concerning
           FC-SP Authentication Protocol transactions that were
           recently rejected with an AUTH_Reject, with an SW_RJT,
           or with an LS_RJT."
    ::= { t11FcSpAuMIBGroups 3 }
        
t11FcSpAuNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS  { t11FcSpAuRejectSentNotify,
                     t11FcSpAuRejectReceivedNotify }
    STATUS   current
    DESCRIPTION
           "A collection of notifications for use in the management
           of FC-SP's Authentication Protocols."
    ::= { t11FcSpAuMIBGroups 4 }
        
t11FcSpAuNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS  { t11FcSpAuRejectSentNotify,
                     t11FcSpAuRejectReceivedNotify }
    STATUS   current
    DESCRIPTION
           "A collection of notifications for use in the management
           of FC-SP's Authentication Protocols."
    ::= { t11FcSpAuMIBGroups 4 }
        

END

终止

6.3. The T11-FC-SP-ZONING-MIB Module
6.3. T11-FC-SP-MIB模块
--*******************************************************************
-- FC-SP Zoning
--
        
--*******************************************************************
-- FC-SP Zoning
--
        
T11-FC-SP-ZONING-MIB  DEFINITIONS ::= BEGIN
        
T11-FC-SP-ZONING-MIB  DEFINITIONS ::= BEGIN
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    NOTIFICATION-TYPE, mib-2,
    Counter32
                        FROM SNMPv2-SMI                -- [RFC2578]
    TruthValue          FROM SNMPv2-TC                 -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                        FROM SNMPv2-CONF               -- [RFC2580]
    ifIndex             FROM IF-MIB                    -- [RFC2863]
    t11ZsServerEntry,
    t11ZsStatsEntry,
    t11ZsNotifyControlEntry,
    t11ZsFabricIndex    FROM T11-FC-ZONE-SERVER-MIB    -- [RFC4936]
    T11FcSpPolicyHashValue,
    T11FcSpPolicyHashFormat,
    T11FcSpHashCalculationStatus
                        FROM T11-FC-SP-TC-MIB;
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    NOTIFICATION-TYPE, mib-2,
    Counter32
                        FROM SNMPv2-SMI                -- [RFC2578]
    TruthValue          FROM SNMPv2-TC                 -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                        FROM SNMPv2-CONF               -- [RFC2580]
    ifIndex             FROM IF-MIB                    -- [RFC2863]
    t11ZsServerEntry,
    t11ZsStatsEntry,
    t11ZsNotifyControlEntry,
    t11ZsFabricIndex    FROM T11-FC-ZONE-SERVER-MIB    -- [RFC4936]
    T11FcSpPolicyHashValue,
    T11FcSpPolicyHashFormat,
    T11FcSpHashCalculationStatus
                        FROM T11-FC-SP-TC-MIB;
        

t11FcSpZoningMIB MODULE-IDENTITY LAST-UPDATED "200808200000Z"

T11FCSP分区MIB模块-标识最后更新的“200808200000Z”

ORGANIZATION "This MIB module was developed through the coordinated effort of two organizations: T11 began the development and the IETF (in the IMSS Working Group) finished it." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com

组织“该MIB模块是通过两个组织的协调努力开发的:T11开始开发,IETF(在IMSS工作组中)完成了开发。”联系信息“Claudio DeSanti Cisco Systems,Inc.170 West Tasman Drive San Jose,CA 95134 USA电子邮件:cds@cisco.com

Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Email: kzm@cisco.com" DESCRIPTION "This MIB module specifies the extensions to the T11-FC-ZONE-SERVER-MIB module that are necessary for the management of Fibre Channel's FC-SP Zoning Servers, as defined in the FC-SP specification.

Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号邮编:95134电子邮件:kzm@cisco.com“说明”此MIB模块指定了管理光纤通道FC-SP分区服务器所需的T11-FC-ZONE-SERVER-MIB模块的扩展,如FC-SP规范中所定义。

The persistence of values written to these MIB objects is the same as the persistence of the objects they extend, i.e., it is given by the value of the relevant instance of t11ZsServerDatabaseStorageType (defined in the T11-FC-ZONE-SERVER-MIB module).

写入这些MIB对象的值的持久性与它们扩展的对象的持久性相同,即,它由t11ZsServerDatabaseStorageType(在T11-FC-ZONE-SERVER-MIB模块中定义)的相关实例的值给出。

           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 177 }
        
           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 177 }
        
t11FcSpZsMIBNotifications  OBJECT IDENTIFIER ::= { t11FcSpZoningMIB 0 }
t11FcSpZsMIBObjects        OBJECT IDENTIFIER ::= { t11FcSpZoningMIB 1 }
t11FcSpZsMIBConformance    OBJECT IDENTIFIER ::= { t11FcSpZoningMIB 2 }
t11FcSpZsConfiguration  OBJECT IDENTIFIER ::= { t11FcSpZsMIBObjects 1 }
t11FcSpZsStatistics     OBJECT IDENTIFIER ::= { t11FcSpZsMIBObjects 2 }
        
t11FcSpZsMIBNotifications  OBJECT IDENTIFIER ::= { t11FcSpZoningMIB 0 }
t11FcSpZsMIBObjects        OBJECT IDENTIFIER ::= { t11FcSpZoningMIB 1 }
t11FcSpZsMIBConformance    OBJECT IDENTIFIER ::= { t11FcSpZoningMIB 2 }
t11FcSpZsConfiguration  OBJECT IDENTIFIER ::= { t11FcSpZsMIBObjects 1 }
t11FcSpZsStatistics     OBJECT IDENTIFIER ::= { t11FcSpZsMIBObjects 2 }
        

-- -- Augmenting the table of Zone Servers --

----扩充区域服务器表--

t11FcSpZsServerTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpZsServerEntry

t11FcSpZsServerTable T11FcSpZsServerEntry的对象类型语法序列

    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table which provides FC-SP-specific information about
           the Zone Servers on each Fabric in one or more Switches."
    ::= { t11FcSpZsConfiguration 1 }
        
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table which provides FC-SP-specific information about
           the Zone Servers on each Fabric in one or more Switches."
    ::= { t11FcSpZsConfiguration 1 }
        
t11FcSpZsServerEntry OBJECT-TYPE
    SYNTAX       T11FcSpZsServerEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information relevant to FC-SP
           for a particular Zone Server for a particular Fabric
           on a particular Switch.  The Fabric and Switch are
           identified in the same manner as in t11ZsServerEntry."
    AUGMENTS   { t11ZsServerEntry }
    ::= { t11FcSpZsServerTable 1 }
        
t11FcSpZsServerEntry OBJECT-TYPE
    SYNTAX       T11FcSpZsServerEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information relevant to FC-SP
           for a particular Zone Server for a particular Fabric
           on a particular Switch.  The Fabric and Switch are
           identified in the same manner as in t11ZsServerEntry."
    AUGMENTS   { t11ZsServerEntry }
    ::= { t11FcSpZsServerTable 1 }
        
T11FcSpZsServerEntry ::= SEQUENCE {
    t11FcSpZsServerCapabilityObject      BITS,
    t11FcSpZsServerEnabled               TruthValue,
    t11FcSpZoneSetHashStatus             T11FcSpHashCalculationStatus,
    t11FcSpActiveZoneSetHashType         T11FcSpPolicyHashFormat,
    t11FcSpActiveZoneSetHash             T11FcSpPolicyHashValue,
    t11FcSpZoneSetDatabaseHashType       T11FcSpPolicyHashFormat,
    t11FcSpZoneSetDatabaseHash           T11FcSpPolicyHashValue
}
        
T11FcSpZsServerEntry ::= SEQUENCE {
    t11FcSpZsServerCapabilityObject      BITS,
    t11FcSpZsServerEnabled               TruthValue,
    t11FcSpZoneSetHashStatus             T11FcSpHashCalculationStatus,
    t11FcSpActiveZoneSetHashType         T11FcSpPolicyHashFormat,
    t11FcSpActiveZoneSetHash             T11FcSpPolicyHashValue,
    t11FcSpZoneSetDatabaseHashType       T11FcSpPolicyHashFormat,
    t11FcSpZoneSetDatabaseHash           T11FcSpPolicyHashValue
}
        
t11FcSpZsServerCapabilityObject OBJECT-TYPE
    SYNTAX       BITS {
                     fcSpZoning(0)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "Capabilities of the Zone Server for the particular Fabric
           on the particular Switch, with respect to FC-SP Zoning:
        
t11FcSpZsServerCapabilityObject OBJECT-TYPE
    SYNTAX       BITS {
                     fcSpZoning(0)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "Capabilities of the Zone Server for the particular Fabric
           on the particular Switch, with respect to FC-SP Zoning:
        
               fcSpZoning -- set to 1 to indicate the Switch is
                             capable of supporting FC-SP Zoning.
           "
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 184."
    ::= { t11FcSpZsServerEntry 1 }
        
               fcSpZoning -- set to 1 to indicate the Switch is
                             capable of supporting FC-SP Zoning.
           "
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 184."
    ::= { t11FcSpZsServerEntry 1 }
        
t11FcSpZsServerEnabled OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object indicates whether the Zone Server for the
           particular Fabric on the particular Switch, is operating in
           FC-SP Zoning mode."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 185."
    ::= { t11FcSpZsServerEntry 2 }
        
t11FcSpZsServerEnabled OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object indicates whether the Zone Server for the
           particular Fabric on the particular Switch, is operating in
           FC-SP Zoning mode."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 185."
    ::= { t11FcSpZsServerEntry 2 }
        

t11FcSpZoneSetHashStatus OBJECT-TYPE SYNTAX T11FcSpHashCalculationStatus MAX-ACCESS read-write STATUS current DESCRIPTION "When read, the value of this object is either:

t11FcSpZoneSetHashStatus对象类型语法T11FcSpHashCalculationStatus MAX-ACCESS读写状态当前描述“读取时,此对象的值为:

correct -- the corresponding instances of both t11FcSpActiveZoneSetHash and t11FcSpZoneSetDatabaseHash contain the correct hash values; or stale -- the corresponding instances of t11FcSpActiveZoneSetHash and t11FcSpZoneSetDatabaseHash contain stale (possibly incorrect) values;

正确--t11FcSpActiveZoneSetHash和t11FcSpZoneSetDatabaseHash的对应实例都包含正确的哈希值;或stale——t11FcSpActiveZoneSetHash和t11FcSpZoneSetDatabaseHash的对应实例包含过时(可能不正确)的值;

Writing a value of 'calculate' is a request to re-calculate and update the values of the corresponding instances of both t11FcSpActiveZoneSetHash and t11FcSpZoneSetDatabaseHash. Writing a value of 'correct' or 'stale' to this object is an error (e.g., 'wrongValue').

写入“calculate”的值是重新计算和更新t11FcSpActiveZoneSetHash和t11FcSpZoneSetDatabaseHash的相应实例的值的请求。将值“correct”或“stale”写入此对象是一个错误(例如,“errowvalue”)。

When the Active Zone Set and/or the Zone Set Database are updated, it is common that multiple changes need to be made at the same time. In such circumstances, the use of this object allows the hash values to be updated only once after all changes, rather than repeatedly/after each individual change.

更新活动分区集和/或分区集数据库时,通常需要同时进行多个更改。在这种情况下,使用此对象只允许在所有更改后更新哈希值一次,而不是在每次单独更改后重复/更新。

If and when the corresponding instance of t11ZsServerDatabaseStorageType has the value 'permanent(4)', then if write access is supported to any instance of a read-write object in any row of any table governed by the 'permanent' value of t11ZsServerDatabaseStorageType, then

如果t11ZsServerDatabaseStorageType的对应实例具有值“permanent(4)”,则如果受t11ZsServerDatabaseStorageType的“permanent”值管辖的任何表的任何行中的读写对象的任何实例都支持写访问,则

           write access to the corresponding instance of this object
           must also be supported."
    REFERENCE
           "t11ZsServerDatabaseStorageType in
           'Fibre Channel Zone Server MIB', RFC 4936, August 2007."
    DEFVAL      { stale }
    ::= { t11FcSpZsServerEntry 3 }
        
           write access to the corresponding instance of this object
           must also be supported."
    REFERENCE
           "t11ZsServerDatabaseStorageType in
           'Fibre Channel Zone Server MIB', RFC 4936, August 2007."
    DEFVAL      { stale }
    ::= { t11FcSpZsServerEntry 3 }
        
t11FcSpActiveZoneSetHashType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format used for the hash value contained in the
           corresponding instance of t11FcSpActiveZoneSetHash."
    ::= { t11FcSpZsServerEntry 4 }
        
t11FcSpActiveZoneSetHashType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format used for the hash value contained in the
           corresponding instance of t11FcSpActiveZoneSetHash."
    ::= { t11FcSpZsServerEntry 4 }
        
t11FcSpActiveZoneSetHash OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The value of the hash for the current Active Zone Set.
            The format of this value is given by the corresponding
            instance of t11FcSpActiveZoneSetHashType."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 187."
    ::= { t11FcSpZsServerEntry 5 }
        
t11FcSpActiveZoneSetHash OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The value of the hash for the current Active Zone Set.
            The format of this value is given by the corresponding
            instance of t11FcSpActiveZoneSetHashType."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 187."
    ::= { t11FcSpZsServerEntry 5 }
        
t11FcSpZoneSetDatabaseHashType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format used for the hash value contained in the
           corresponding instance of t11FcSpZoneSetDatabaseHash."
    ::= { t11FcSpZsServerEntry 6 }
        
t11FcSpZoneSetDatabaseHashType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format used for the hash value contained in the
           corresponding instance of t11FcSpZoneSetDatabaseHash."
    ::= { t11FcSpZsServerEntry 6 }
        

t11FcSpZoneSetDatabaseHash OBJECT-TYPE SYNTAX T11FcSpPolicyHashValue MAX-ACCESS read-only STATUS current DESCRIPTION "The value of the hash for the current Zone Set Database. The format of this value is given by the corresponding instance of t11FcSpZoneSetDatabaseHashType."

T11FCSPONESETDatabaseHash对象类型语法T11FcSpPolicyHashValue MAX-ACCESS只读状态当前描述“当前区域集数据库的哈希值。此值的格式由T11FCSPONESETDatabaseHashType的相应实例提供。”

    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 187."
    ::= { t11FcSpZsServerEntry 7 }
        
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Table 187."
    ::= { t11FcSpZsServerEntry 7 }
        

-- -- Additional Statistics for FC-SP Zoning --

----FC-SP分区的其他统计信息--

t11FcSpZsStatsTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpZsStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of statistics specific to FC-SP that are
           maintained by Zone Servers."
    ::= { t11FcSpZsStatistics 1 }
        
t11FcSpZsStatsTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpZsStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of statistics specific to FC-SP that are
           maintained by Zone Servers."
    ::= { t11FcSpZsStatistics 1 }
        
t11FcSpZsStatsEntry OBJECT-TYPE
    SYNTAX       T11FcSpZsStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of statistics specific to FC-SP for a particular
           Zone Server for a particular Fabric on a particular Switch.
           The Fabric and Switch are identified in the same manner as
           in t11ZsStatsEntry."
    AUGMENTS   { t11ZsStatsEntry }
    ::= { t11FcSpZsStatsTable 1 }
        
t11FcSpZsStatsEntry OBJECT-TYPE
    SYNTAX       T11FcSpZsStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of statistics specific to FC-SP for a particular
           Zone Server for a particular Fabric on a particular Switch.
           The Fabric and Switch are identified in the same manner as
           in t11ZsStatsEntry."
    AUGMENTS   { t11ZsStatsEntry }
    ::= { t11FcSpZsStatsTable 1 }
        
T11FcSpZsStatsEntry ::= SEQUENCE {
    t11FcSpZsSPCMITrequestsSent       Counter32,
    t11FcSpZsSPCMITrequestsAccepted   Counter32,
    t11FcSpZsSPCMITrequestsRejected   Counter32,
    t11FcSpZsZcpRequestsSent          Counter32,
    t11FcSpZsZcpRequestsAccepted      Counter32,
    t11FcSpZsZcpRequestsRejected      Counter32,
    t11FcSpZsZirRequestsAccepted      Counter32,
    t11FcSpZsZirRequestsRejected      Counter32
}
        
T11FcSpZsStatsEntry ::= SEQUENCE {
    t11FcSpZsSPCMITrequestsSent       Counter32,
    t11FcSpZsSPCMITrequestsAccepted   Counter32,
    t11FcSpZsSPCMITrequestsRejected   Counter32,
    t11FcSpZsZcpRequestsSent          Counter32,
    t11FcSpZsZcpRequestsAccepted      Counter32,
    t11FcSpZsZcpRequestsRejected      Counter32,
    t11FcSpZsZirRequestsAccepted      Counter32,
    t11FcSpZsZirRequestsRejected      Counter32
}
        

t11FcSpZsSPCMITrequestsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of SP Commit Zone Changes (SPCMIT) operation

t11FcSpZsSPCMITrequestsSent对象类型语法计数器32 MAX-ACCESS只读状态当前说明“SP提交区域更改(SPCMIT)操作的次数

requests sent by the Zone Server.

区域服务器发送的请求。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 1 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 1 }
        

t11FcSpZsSPCMITrequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of SP Commit Zone Changes (SPCMIT) operation requests received and accepted by the Zone Server.

t11FcSpZsSPCMITrequestsAccepted OBJECT-TYPE语法计数器32 MAX-ACCESS只读状态当前描述“区域服务器接收和接受的SP提交区域更改(SPCMIT)操作请求数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 2 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 2 }
        

t11FcSpZsSPCMITrequestsRejected OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of SP Commit Zone Changes (SPCMIT) operation requests received but rejected by the Zone Server.

t11FcSpZsSPCMITrequestsRejected对象类型语法计数器32 MAX-ACCESS只读状态当前描述“区域服务器接收但拒绝的SP提交区域更改(SPCMIT)操作请求数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 3 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 3 }
        

t11FcSpZsZcpRequestsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zoning Check Protocol (ZCP) requests sent by the Zone Server.

T11FCSPSzCsPrequestSSENT对象类型语法计数器32 MAX-ACCESS只读状态当前描述“区域服务器发送的分区检查协议(ZCP)请求数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 4 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 4 }
        

t11FcSpZsZcpRequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zoning Check Protocol (ZCP) requests received

T11FCSPSzCsPrequestsAccept对象类型语法计数器32 MAX-ACCESS只读状态当前说明“收到的分区检查协议(ZCP)请求数

and accepted by the Zone Server.

并被区域服务器接受。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 5 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 5 }
        

t11FcSpZsZcpRequestsRejected OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zoning Check Protocol (ZCP) requests received but rejected by the Zone Server.

T11FCSPSzCsPrequestsRejected对象类型语法计数器32 MAX-ACCESS只读状态当前描述“区域服务器接收但拒绝的分区检查协议(ZCP)请求数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 6 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 6 }
        

t11FcSpZsZirRequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zoning Information Request (ZIR) requests received and accepted by the Zone Server.

T11FCSPZZIRequestsAccepted OBJECT-TYPE语法计数器32 MAX-ACCESS只读状态当前描述“区域服务器接收和接受的分区信息请求(ZIR)请求数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 7 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 7 }
        

t11FcSpZsZirRequestsRejected OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zoning Information Request (ZIR) requests received but rejected by the Zone Server.

T11FCSPZZIRequestsRejected对象类型语法计数器32 MAX-ACCESS只读状态当前描述“区域服务器接收但拒绝的分区信息请求(ZIR)请求数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 8 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    ::= { t11FcSpZsStatsEntry 8 }
        

-- -- Enable/Disable for Notifications --

----启用/禁用通知--

t11FcSpZsNotifyControlTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpZsNotifyControlEntry

T11FCSPSsNotifyControlEntry的T11FCSPSsNotifyControlTable对象类型语法序列

    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control information for notifications
           generated due to Zone Server events related to
           FC-SP Zoning."
    ::= { t11FcSpZsConfiguration 2 }
        
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control information for notifications
           generated due to Zone Server events related to
           FC-SP Zoning."
    ::= { t11FcSpZsConfiguration 2 }
        
t11FcSpZsNotifyControlEntry OBJECT-TYPE
    SYNTAX       T11FcSpZsNotifyControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry is an augmentation of the notification control
           information for a Zone Server for a particular Fabric on a
           particular Switch.  The Fabric and Switch are identified in
           the same manner as in t11ZsNotifyControlEntry."
    AUGMENTS   { t11ZsNotifyControlEntry }
    ::= { t11FcSpZsNotifyControlTable 1 }
        
t11FcSpZsNotifyControlEntry OBJECT-TYPE
    SYNTAX       T11FcSpZsNotifyControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry is an augmentation of the notification control
           information for a Zone Server for a particular Fabric on a
           particular Switch.  The Fabric and Switch are identified in
           the same manner as in t11ZsNotifyControlEntry."
    AUGMENTS   { t11ZsNotifyControlEntry }
    ::= { t11FcSpZsNotifyControlTable 1 }
        
T11FcSpZsNotifyControlEntry ::= SEQUENCE {
     t11FcSpZsNotifyJoinSuccessEnable    TruthValue,
     t11FcSpZsNotifyJoinFailureEnable    TruthValue
}
        
T11FcSpZsNotifyControlEntry ::= SEQUENCE {
     t11FcSpZsNotifyJoinSuccessEnable    TruthValue,
     t11FcSpZsNotifyJoinFailureEnable    TruthValue
}
        
t11FcSpZsNotifyJoinSuccessEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether
           t11FcSpZsFabricJoinFailureNotify notifications should be
           generated by the Zone Server for this Fabric."
    ::= { t11FcSpZsNotifyControlEntry 1 }
        
t11FcSpZsNotifyJoinSuccessEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether
           t11FcSpZsFabricJoinFailureNotify notifications should be
           generated by the Zone Server for this Fabric."
    ::= { t11FcSpZsNotifyControlEntry 1 }
        
t11FcSpZsNotifyJoinFailureEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether
           t11FcSpZsFabricJoinSuccessNotify notifications should be
           generated by the Zone Server for this Fabric."
    ::= { t11FcSpZsNotifyControlEntry 2 }
        
t11FcSpZsNotifyJoinFailureEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether
           t11FcSpZsFabricJoinSuccessNotify notifications should be
           generated by the Zone Server for this Fabric."
    ::= { t11FcSpZsNotifyControlEntry 2 }
        

-- -- Notifications --

----通知--

t11FcSpZsFabricJoinSuccessNotify NOTIFICATION-TYPE OBJECTS { ifIndex, t11ZsFabricIndex } STATUS current DESCRIPTION "This notification indicates that a Switch that is part of one Fabric (indicated by the value of t11ZsFabricIndex) has successfully joined (on the interface indicated by the value of ifIndex) with a Switch that is part of another Fabric.

t11FcSpZsFabricJoinSuccessNotify通知类型对象{ifIndex,t11ZsFabricIndex}状态当前描述“此通知表示作为一个结构的一部分(由t11ZsFabricIndex值指示)的交换机已成功加入(在由ifIndex值指示的接口上)使用属于另一个结构的交换机。

           If multiple Virtual Fabrics are configured on an interface,
           and all are successfully joined at the same time, and if
           the agent so chooses, then it can generate just one
           notification in which t11ZsFabricIndex has the value 4096."
    ::= { t11FcSpZsMIBNotifications 1 }
        
           If multiple Virtual Fabrics are configured on an interface,
           and all are successfully joined at the same time, and if
           the agent so chooses, then it can generate just one
           notification in which t11ZsFabricIndex has the value 4096."
    ::= { t11FcSpZsMIBNotifications 1 }
        

t11FcSpZsFabricJoinFailureNotify NOTIFICATION-TYPE OBJECTS { ifIndex, t11ZsFabricIndex } STATUS current DESCRIPTION "This notification indicates that an E_Port on the local Switch has entered the Isolated state because a join between two Fabrics failed. The failure occurred on the local Fabric indicated by the value of t11ZsFabricIndex, on the interface indicated by the value of ifIndex.

t11FcSpZsFabricJoinFailureNotify通知类型对象{ifIndex,t11ZsFabricIndex}状态当前描述“此通知表示由于两个结构之间的连接失败,本地交换机上的E_端口已进入隔离状态。故障发生在t11ZsFabricIndex值指示的本地结构上,以及ifIndex值指示的接口上。

           If multiple Virtual Fabrics are configured on an interface,
           and all have a failure to join at the same time, and if the
           agent so chooses, then it can generate just one notification
           in which t11ZsFabricIndex has the value 4096."
    ::= { t11FcSpZsMIBNotifications 2 }
        
           If multiple Virtual Fabrics are configured on an interface,
           and all have a failure to join at the same time, and if the
           agent so chooses, then it can generate just one notification
           in which t11ZsFabricIndex has the value 4096."
    ::= { t11FcSpZsMIBNotifications 2 }
        

-- -- Conformance --

----一致性--

t11FcSpZsMIBCompliances
                    OBJECT IDENTIFIER ::= { t11FcSpZsMIBConformance 1 }
t11FcSpZsMIBGroups  OBJECT IDENTIFIER ::= { t11FcSpZsMIBConformance 2 }
        
t11FcSpZsMIBCompliances
                    OBJECT IDENTIFIER ::= { t11FcSpZsMIBConformance 1 }
t11FcSpZsMIBGroups  OBJECT IDENTIFIER ::= { t11FcSpZsMIBConformance 2 }
        

t11FcSpZsMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that implement the extensions specified in FC-SP for Fibre Channel's Zone Server."

T11FCSPZSMIB COMPLIANCE MODULE-COMPLIANCE STATUS当前描述“为光纤通道的区域服务器实现FC-SP中指定的扩展的实体的符合性声明。”

MODULE -- this module

模块——这个模块

MANDATORY-GROUPS { t11FcSpZsObjectsGroup, t11FcSpZsNotificationControlGroup, t11FcSpZsNotificationGroup }

必填组{t11FcSpZsObjectsGroup,t11FcSpZsNotificationControlGroup,t11FcSpZsNotificationGroup}

GROUP t11FcSpZsStatisticsGroup DESCRIPTION "These counters, containing Zone Server statistics, are mandatory only for those systems that count such events."

组t11FcSpZsStatisticsGroup DESCRIPTION“这些计数器包含区域服务器统计信息,仅对统计此类事件的系统是必需的。”

-- Write access is not required for any objects in this MIB module:

--此MIB模块中的任何对象都不需要写访问权限:

OBJECT t11FcSpZsServerEnabled MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpZsServerEnabled最小访问只读描述“不需要写访问。”

OBJECT t11FcSpZoneSetHashStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpZoneSetHashStatus最小访问只读说明“不需要写访问。”

OBJECT t11FcSpZsNotifyJoinSuccessEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSzNotifyJoinSuccessenable最小访问只读描述“不需要写访问。”

OBJECT t11FcSpZsNotifyJoinFailureEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSzNotifyJoinFailureEnable最小访问只读描述“不需要写访问。”

    ::= { t11FcSpZsMIBCompliances 1 }
        
    ::= { t11FcSpZsMIBCompliances 1 }
        

-- Units of Conformance

--一致性单位

t11FcSpZsObjectsGroup OBJECT-GROUP OBJECTS { t11FcSpZsServerCapabilityObject, t11FcSpZsServerEnabled, t11FcSpZoneSetHashStatus, t11FcSpActiveZoneSetHashType, t11FcSpActiveZoneSetHash, t11FcSpZoneSetDatabaseHashType, t11FcSpZoneSetDatabaseHash } STATUS current DESCRIPTION "A collection of objects for Zone configuration

T11FCSPSzObjectsGroup对象组对象{T11FCSPSzServerCapabilityObject,T11FCSPSzServerEnabled,t11FcSpZoneSetHashStatus,t11FcSpActiveZoneSetHashType,t11FcSpZoneSetDatabaseHashType,t11FcSpZoneSetDatabaseHash}状态当前描述“用于区域配置的对象集合

           information of a Zone Server capable of
           operating in FC-SP Zoning mode."
    ::= { t11FcSpZsMIBGroups 1 }
        
           information of a Zone Server capable of
           operating in FC-SP Zoning mode."
    ::= { t11FcSpZsMIBGroups 1 }
        
t11FcSpZsNotificationControlGroup OBJECT-GROUP
    OBJECTS  { t11FcSpZsNotifyJoinSuccessEnable,
               t11FcSpZsNotifyJoinFailureEnable
             }
    STATUS   current
    DESCRIPTION
           "A collection of notification control objects for
           monitoring Zone Server failures specific to FC-SP."
    ::= { t11FcSpZsMIBGroups 2 }
        
t11FcSpZsNotificationControlGroup OBJECT-GROUP
    OBJECTS  { t11FcSpZsNotifyJoinSuccessEnable,
               t11FcSpZsNotifyJoinFailureEnable
             }
    STATUS   current
    DESCRIPTION
           "A collection of notification control objects for
           monitoring Zone Server failures specific to FC-SP."
    ::= { t11FcSpZsMIBGroups 2 }
        
t11FcSpZsStatisticsGroup OBJECT-GROUP
    OBJECTS  { t11FcSpZsSPCMITrequestsSent,
               t11FcSpZsSPCMITrequestsAccepted,
               t11FcSpZsSPCMITrequestsRejected,
               t11FcSpZsZcpRequestsSent,
               t11FcSpZsZcpRequestsAccepted,
               t11FcSpZsZcpRequestsRejected,
               t11FcSpZsZirRequestsAccepted,
               t11FcSpZsZirRequestsRejected
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects for collecting Zone Server
            statistics which are specific to FC-SP."
    ::= { t11FcSpZsMIBGroups 3 }
        
t11FcSpZsStatisticsGroup OBJECT-GROUP
    OBJECTS  { t11FcSpZsSPCMITrequestsSent,
               t11FcSpZsSPCMITrequestsAccepted,
               t11FcSpZsSPCMITrequestsRejected,
               t11FcSpZsZcpRequestsSent,
               t11FcSpZsZcpRequestsAccepted,
               t11FcSpZsZcpRequestsRejected,
               t11FcSpZsZirRequestsAccepted,
               t11FcSpZsZirRequestsRejected
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects for collecting Zone Server
            statistics which are specific to FC-SP."
    ::= { t11FcSpZsMIBGroups 3 }
        
t11FcSpZsNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { t11FcSpZsFabricJoinSuccessNotify,
                    t11FcSpZsFabricJoinFailureNotify
                  }
    STATUS        current
    DESCRIPTION
           "A collection of notification(s) for monitoring
           Zone Server events that are specific to FC-SP."
    ::= { t11FcSpZsMIBGroups 4 }
        
t11FcSpZsNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { t11FcSpZsFabricJoinSuccessNotify,
                    t11FcSpZsFabricJoinFailureNotify
                  }
    STATUS        current
    DESCRIPTION
           "A collection of notification(s) for monitoring
           Zone Server events that are specific to FC-SP."
    ::= { t11FcSpZsMIBGroups 4 }
        

END

终止

6.4. The T11-FC-SP-POLICY-MIB Module
6.4. T11-FC-SP-POLICY-MIB模块
--*******************************************************************
-- FC-SP Policy
--
        
--*******************************************************************
-- FC-SP Policy
--
        
T11-FC-SP-POLICY-MIB  DEFINITIONS ::= BEGIN
        
T11-FC-SP-POLICY-MIB  DEFINITIONS ::= BEGIN
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2,
    Counter32, Unsigned32
                          FROM SNMPv2-SMI              -- [RFC2578]
    RowStatus, StorageType, TimeStamp,
    TruthValue            FROM SNMPv2-TC               -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                          FROM SNMPv2-CONF             -- [RFC2580]
    SnmpAdminString       FROM SNMP-FRAMEWORK-MIB      -- [RFC3411]
    InetAddress, InetPortNumber,
    InetAddressType       FROM INET-ADDRESS-MIB        -- [RFC4001]
    fcmInstanceIndex,
    FcNameIdOrZero,
    FcDomainIdOrZero      FROM FC-MGMT-MIB             -- [RFC4044]
    T11NsGs4RejectReasonCode
                          FROM T11-FC-NAME-SERVER-MIB  -- [RFC4438]
    T11FabricIndex        FROM T11-TC-MIB              -- [RFC4439]
    T11FcSpAlphaNumName,
    T11FcSpAlphaNumNameOrAbsent,
    T11FcSpPolicyName,
    T11FcSpPolicyNameType,
    T11FcSpPolicyObjectType,
    T11FcSpPolicyHashFormat,
    T11FcSpPolicyHashValue,
    T11FcSpHashCalculationStatus   FROM T11-FC-SP-TC-MIB;
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2,
    Counter32, Unsigned32
                          FROM SNMPv2-SMI              -- [RFC2578]
    RowStatus, StorageType, TimeStamp,
    TruthValue            FROM SNMPv2-TC               -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                          FROM SNMPv2-CONF             -- [RFC2580]
    SnmpAdminString       FROM SNMP-FRAMEWORK-MIB      -- [RFC3411]
    InetAddress, InetPortNumber,
    InetAddressType       FROM INET-ADDRESS-MIB        -- [RFC4001]
    fcmInstanceIndex,
    FcNameIdOrZero,
    FcDomainIdOrZero      FROM FC-MGMT-MIB             -- [RFC4044]
    T11NsGs4RejectReasonCode
                          FROM T11-FC-NAME-SERVER-MIB  -- [RFC4438]
    T11FabricIndex        FROM T11-TC-MIB              -- [RFC4439]
    T11FcSpAlphaNumName,
    T11FcSpAlphaNumNameOrAbsent,
    T11FcSpPolicyName,
    T11FcSpPolicyNameType,
    T11FcSpPolicyObjectType,
    T11FcSpPolicyHashFormat,
    T11FcSpPolicyHashValue,
    T11FcSpHashCalculationStatus   FROM T11-FC-SP-TC-MIB;
        

t11FcSpPolicyMIB MODULE-IDENTITY LAST-UPDATED "200808200000Z" ORGANIZATION "This MIB module was developed through the coordinated effort of two organizations: T11 began the development and the IETF (in the IMSS Working Group) finished it." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com

T11FCSPolicyMIB模块-IDENTITY上次更新的“200808200000Z”组织“该MIB模块是通过两个组织的协调工作开发的:T11开始开发,IETF(在IMSS工作组中)完成了开发。”联系信息“Claudio DeSanti Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号,邮编95134电子邮件:cds@cisco.com

Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Email: kzm@cisco.com" DESCRIPTION "This MIB module specifies the management information required to manage Fabric Policies as defined by Fibre Channel's FC-SP specification.

Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号邮编:95134电子邮件:kzm@cisco.com“说明”此MIB模块指定管理光纤通道FC-SP规范定义的结构策略所需的管理信息。

FC-SP uses the term 'Policy Objects', sometimes abbreviated to just 'Objects', to refer to containers used to hold the data by which Fabric Policies are specified/stored. This obviously has the potential to cause confusion between 'Policy Objects' and 'MIB objects'. The DESCRIPTIONs in this MIB module attempt to avoid such confusion by the use of different adjectives and capitalization, even though such mechanisms are less effective when used in descriptors.

FC-SP使用术语“策略对象”(有时缩写为“对象”)来表示用于保存数据的容器,通过这些数据指定/存储结构策略。这显然有可能导致“策略对象”和“MIB对象”之间的混淆。本MIB模块中的描述试图通过使用不同的形容词和大小写来避免此类混淆,即使在描述符中使用此类机制时效果较差。

Some types of Policy Objects contain multiple items of information, each of which are held in the same format within the Policy Object. In such cases, FC-SP uses the term 'Entry' to describe each instance of the common format. For example, FC-SP defines an Attribute Policy Object as containing one or more 'Attribute Entries'. Again, this MIB module attempts to avoid confusion by the use of adjectives and capitalization to distinguish an Entry within a Policy Object from an entry within a MIB table.

某些类型的策略对象包含多个信息项,每个信息项在策略对象中以相同的格式保存。在这种情况下,FC-SP使用术语“条目”来描述通用格式的每个实例。例如,FC-SP将属性策略对象定义为包含一个或多个“属性条目”。同样,这个MIB模块试图通过使用形容词和大写字母来区分策略对象中的条目和MIB表中的条目来避免混淆。

A Fabric's database of Policy Objects consists of a set of active Objects that are to be enforced by that Fabric, as well as non-active Objects that are not enforced. Operations defined (in FC-SP) for Policy Management are:

结构的策略对象数据库由一组将由该结构强制执行的活动对象以及未强制执行的非活动对象组成。为策略管理定义的操作(在FC-SP中)包括:

- Add/Get/Remove operations on individual non-active Policy Objects, - Activate/Deactivate operations on a Policy Summary Object, and - Get operations on the active Policy Summary Object and/or on individual active Policy Objects.

- 添加/获取/删除单个非活动策略对象上的操作,-激活/停用策略摘要对象上的操作,以及-获取活动策略摘要对象和/或单个活动策略对象上的操作。

This MIB module has five parts:

此MIB模块有五个部分:

1) Active Policy Objects - read-only MIB objects representing the set of active Policy Objects for each Fabric,

1) 活动策略对象-只读MIB对象,表示每个结构的活动策略对象集,

2) Activate/Deactivate Operations

2) 激活/停用操作

- a read-write MIB object to invoke an Activate operation of the policies specified via a non-active Policy Summary Object, and - a read-write MIB object to invoke a Deactivate operation.

- 一个读写MIB对象,用于调用通过非活动策略摘要对象指定的策略的激活操作;一个读写MIB对象,用于调用停用操作。

3) Non-active Policy Objects - read-create MIB objects to allow the creation of non-active Policy Summary Objects (which reference non-active Policy Objects), and - read-create MIB objects representing non-active Policy Objects.

3) 非活动策略对象-读取create MIB Objects以允许创建非活动策略摘要对象(引用非活动策略对象),以及-读取create MIB Objects以表示非活动策略对象。

4) Statistics

4) 统计数字

5) Control information and Notifications

5) 控制信息和通知

           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 178 }
        
           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 178 }
        
t11FcSpPoMIBNotifications  OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 0 }
t11FcSpPoMIBObjects        OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 1 }
t11FcSpPoMIBConformance    OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 2 }
t11FcSpPoActive         OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 1 }
t11FcSpPoOperations     OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 2 }
t11FcSpPoNonActive      OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 3 }
t11FcSpPoStatistics     OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 4 }
t11FcSpPoControl        OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 5 }
        
t11FcSpPoMIBNotifications  OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 0 }
t11FcSpPoMIBObjects        OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 1 }
t11FcSpPoMIBConformance    OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 2 }
t11FcSpPoActive         OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 1 }
t11FcSpPoOperations     OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 2 }
t11FcSpPoNonActive      OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 3 }
t11FcSpPoStatistics     OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 4 }
t11FcSpPoControl        OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 5 }
        

-- -- Part 1 - Active Policy Objects --

----第1部分-活动策略对象--

t11FcSpPoTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing top-level information about active
           FC-SP policies on various Fabrics."
    ::= { t11FcSpPoActive 1 }
        
t11FcSpPoTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing top-level information about active
           FC-SP policies on various Fabrics."
    ::= { t11FcSpPoActive 1 }
        

t11FcSpPoEntry OBJECT-TYPE

T11FCSPoEntry对象类型

    SYNTAX       T11FcSpPoEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about active FC-SP policies
           for a particular Fabric, managed as part of the Fibre
           Channel management instance identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoTable 1 }
        
    SYNTAX       T11FcSpPoEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about active FC-SP policies
           for a particular Fabric, managed as part of the Fibre
           Channel management instance identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoTable 1 }
        
T11FcSpPoEntry ::= SEQUENCE {
    t11FcSpPoFabricIndex           T11FabricIndex,
    t11FcSpPoPolicySummaryObjName  T11FcSpAlphaNumName,
    t11FcSpPoAdminFabricName       FcNameIdOrZero,
    t11FcSpPoActivatedTimeStamp    TimeStamp
}
        
T11FcSpPoEntry ::= SEQUENCE {
    t11FcSpPoFabricIndex           T11FabricIndex,
    t11FcSpPoPolicySummaryObjName  T11FcSpAlphaNumName,
    t11FcSpPoAdminFabricName       FcNameIdOrZero,
    t11FcSpPoActivatedTimeStamp    TimeStamp
}
        
t11FcSpPoFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Fabric."
    ::= { t11FcSpPoEntry 1 }
        
t11FcSpPoFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Fabric."
    ::= { t11FcSpPoEntry 1 }
        
t11FcSpPoPolicySummaryObjName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of this Fabric's (active) Policy Summary Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3 and table 104."
    ::= { t11FcSpPoEntry 2 }
        
t11FcSpPoPolicySummaryObjName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of this Fabric's (active) Policy Summary Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3 and table 104."
    ::= { t11FcSpPoEntry 2 }
        

t11FcSpPoAdminFabricName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS read-only STATUS current DESCRIPTION "The administratively-specified name for this Fabric, as specified in the active Switch Membership List Object. This value is meaningful only when Static Domain_IDs are in use in a Fabric (see FC-SW-4). Static Domain_IDs are administratively enabled by a setting of the Switch Flags

T11FCSPOPAdminFabricName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS只读状态当前描述“此结构的管理指定名称,如活动交换机成员资格列表对象中所指定。此值仅在结构中使用静态域ID时才有意义(请参阅FC-SW-4).静态域_id通过设置交换机标志以管理方式启用

in each Switch Entry in the Switch Membership List Object. If Static Domain_IDs are not in use, this value might be '0000000000000000'h.

在交换机成员列表对象中的每个交换机条目中。如果未使用静态域\u ID,则此值可能为“0000000000000000”h。

           The t11FamEnable, t11FamFabricName, and
           t11FamConfigDomainIdType objects defined in the
           T11-FC-FABRIC-ADDR-MGR-MIB module are also concerned with
           the use of an administratively-specified name for a Fabric
           and Static Domain_IDs.  When FC-SP Policy is in use in a
           Fabric, the values of t11FamEnable, t11FamFabricName, and
           t11FamConfigDomainIdType must be read-only and reflect the
           active Policy Objects.  For example, the value of
           t11FamFabricName must reflect the value of
           t11FcSpPoAdminFabricName."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 108.
            - Fibre Channel - Switch Fabric-4 (FC-SW-4),
              ANSI INCITS 418-2006, April 2006, section 7.1.
            - Fibre Channel Fabric Address Manager MIB', RFC 4439,
              March 2006."
    ::= { t11FcSpPoEntry 3 }
        
           The t11FamEnable, t11FamFabricName, and
           t11FamConfigDomainIdType objects defined in the
           T11-FC-FABRIC-ADDR-MGR-MIB module are also concerned with
           the use of an administratively-specified name for a Fabric
           and Static Domain_IDs.  When FC-SP Policy is in use in a
           Fabric, the values of t11FamEnable, t11FamFabricName, and
           t11FamConfigDomainIdType must be read-only and reflect the
           active Policy Objects.  For example, the value of
           t11FamFabricName must reflect the value of
           t11FcSpPoAdminFabricName."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 108.
            - Fibre Channel - Switch Fabric-4 (FC-SW-4),
              ANSI INCITS 418-2006, April 2006, section 7.1.
            - Fibre Channel Fabric Address Manager MIB', RFC 4439,
              March 2006."
    ::= { t11FcSpPoEntry 3 }
        
t11FcSpPoActivatedTimeStamp OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The value of sysUpTime at which this Fabric's Policy
           Summary Object was last activated, or zero if the same
           Policy Summary Object has been active since the last
           restart of the management system."
    ::= { t11FcSpPoEntry 4 }
        
t11FcSpPoActivatedTimeStamp OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The value of sysUpTime at which this Fabric's Policy
           Summary Object was last activated, or zero if the same
           Policy Summary Object has been active since the last
           restart of the management system."
    ::= { t11FcSpPoEntry 4 }
        

-- -- The table of Policy Summary Objects --

----策略摘要对象表--

t11FcSpPoSummaryTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoSummaryEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of information about active Policy Objects listed
           within FC-SP Policy Summary Objects."
    ::= { t11FcSpPoActive 2 }
        
t11FcSpPoSummaryTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoSummaryEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of information about active Policy Objects listed
           within FC-SP Policy Summary Objects."
    ::= { t11FcSpPoActive 2 }
        

t11FcSpPoSummaryEntry OBJECT-TYPE SYNTAX T11FcSpPoSummaryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one of the active Policy Objects listed within the Policy Summary Object for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPOSUMARYENTRY对象类型语法T11FCSPOSUMARYENTRY MAX-ACCESS不可访问状态当前描述“每个条目都包含有关T11FCSPoFabricindex标识的结构的策略摘要对象中列出的活动策略对象之一的信息,并在FCMinStatanceIndex标识的光纤通道管理实例中进行管理。

           How many Policy Objects of a given type can be active at
           any one time for a given Fabric depends on the type, as
           specified in FC-SP.  For some types, it is one per Fabric;
           for other types, more than one can be active per Fabric.
           In both of these cases, the absence of any entries in this
           table for a particular type is equivalent to there being one
           Policy Object of that type that is empty, e.g., a Switch
           Membership List Object that identifies zero Switches."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3 and table 104."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoSummaryPolicyNameType,
             t11FcSpPoSummaryPolicyName }
    ::= { t11FcSpPoSummaryTable 1 }
        
           How many Policy Objects of a given type can be active at
           any one time for a given Fabric depends on the type, as
           specified in FC-SP.  For some types, it is one per Fabric;
           for other types, more than one can be active per Fabric.
           In both of these cases, the absence of any entries in this
           table for a particular type is equivalent to there being one
           Policy Object of that type that is empty, e.g., a Switch
           Membership List Object that identifies zero Switches."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3 and table 104."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoSummaryPolicyNameType,
             t11FcSpPoSummaryPolicyName }
    ::= { t11FcSpPoSummaryTable 1 }
        
T11FcSpPoSummaryEntry ::= SEQUENCE {
    t11FcSpPoSummaryPolicyNameType  T11FcSpPolicyNameType,
    t11FcSpPoSummaryPolicyName      T11FcSpPolicyName,
    t11FcSpPoSummaryPolicyType      T11FcSpPolicyObjectType,
    t11FcSpPoSummaryHashFormat      T11FcSpPolicyHashFormat,
    t11FcSpPoSummaryHashValue       T11FcSpPolicyHashValue
}
        
T11FcSpPoSummaryEntry ::= SEQUENCE {
    t11FcSpPoSummaryPolicyNameType  T11FcSpPolicyNameType,
    t11FcSpPoSummaryPolicyName      T11FcSpPolicyName,
    t11FcSpPoSummaryPolicyType      T11FcSpPolicyObjectType,
    t11FcSpPoSummaryHashFormat      T11FcSpPolicyHashFormat,
    t11FcSpPoSummaryHashValue       T11FcSpPolicyHashValue
}
        
t11FcSpPoSummaryPolicyNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     alphaNumericName(7)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoSummaryPolicyNameType and
           t11FcSpPoSummaryPolicyName specify the name of the Policy
           Object contained in the Policy Summary Object.
        
t11FcSpPoSummaryPolicyNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     alphaNumericName(7)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoSummaryPolicyNameType and
           t11FcSpPoSummaryPolicyName specify the name of the Policy
           Object contained in the Policy Summary Object.
        
           The type of name is 'nodeName' if the value of the
           corresponding instance of t11FcSpPoSummaryPolicyType is
           'switchConnectivity', or 'alphaNumericName' otherwise."
    ::= { t11FcSpPoSummaryEntry 1 }
        
           The type of name is 'nodeName' if the value of the
           corresponding instance of t11FcSpPoSummaryPolicyType is
           'switchConnectivity', or 'alphaNumericName' otherwise."
    ::= { t11FcSpPoSummaryEntry 1 }
        
t11FcSpPoSummaryPolicyName OBJECT-TYPE
    SYNTAX       T11FcSpPolicyName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoSummaryPolicyNameType and
           t11FcSpPoSummaryPolicyName specify the name of the Policy
           Object contained in the Policy Summary Object."
    ::= { t11FcSpPoSummaryEntry 2 }
        
t11FcSpPoSummaryPolicyName OBJECT-TYPE
    SYNTAX       T11FcSpPolicyName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoSummaryPolicyNameType and
           t11FcSpPoSummaryPolicyName specify the name of the Policy
           Object contained in the Policy Summary Object."
    ::= { t11FcSpPoSummaryEntry 2 }
        
t11FcSpPoSummaryPolicyType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyObjectType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The 'Identifier' that specifies the type of this
           Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3.1 and table 104."
    ::= { t11FcSpPoSummaryEntry 3 }
        
t11FcSpPoSummaryPolicyType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyObjectType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The 'Identifier' that specifies the type of this
           Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3.1 and table 104."
    ::= { t11FcSpPoSummaryEntry 3 }
        
t11FcSpPoSummaryHashFormat OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format of this Policy Object's hash value as
           contained in the corresponding instance of the
           t11FcSpPoSummaryHashValue object."
    ::= { t11FcSpPoSummaryEntry 4 }
        
t11FcSpPoSummaryHashFormat OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format of this Policy Object's hash value as
           contained in the corresponding instance of the
           t11FcSpPoSummaryHashValue object."
    ::= { t11FcSpPoSummaryEntry 4 }
        
t11FcSpPoSummaryHashValue OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The hash value of this Policy Object, in the format
           identified by the corresponding instance of the
           t11FcSpPoSummaryHashFormat object."
    ::= { t11FcSpPoSummaryEntry 5 }
        
t11FcSpPoSummaryHashValue OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The hash value of this Policy Object, in the format
           identified by the corresponding instance of the
           t11FcSpPoSummaryHashFormat object."
    ::= { t11FcSpPoSummaryEntry 5 }
        

-- -- Switch Entries in Active Switch Membership List Objects --

----活动交换机成员列表对象中的交换机条目--

t11FcSpPoSwMembTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoSwMembEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Switch Entries in active Switch Membership List Objects.

T11FCSPOSWMEMBTable对象类型T11FCSPOSWMEMENTRY MAX-ACCESS的语法序列不可访问状态当前描述“活动交换机成员资格列表对象中的交换机条目表”。

           One Switch Membership List Object is represented by all
           of the rows of this table that have the same values
           of fcmInstanceIndex and t11FcSpPoFabricIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoActive 3 }
        
           One Switch Membership List Object is represented by all
           of the rows of this table that have the same values
           of fcmInstanceIndex and t11FcSpPoFabricIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoActive 3 }
        
t11FcSpPoSwMembEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoSwMembEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one Switch Entry
           within the active Switch Membership List Object for the
           Fabric identified by t11FcSpPoFabricIndex and managed
           within the Fibre Channel management instance identified
           by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoSwMembSwitchNameType, t11FcSpPoSwMembSwitchName }
    ::= { t11FcSpPoSwMembTable 1 }
        
t11FcSpPoSwMembEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoSwMembEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one Switch Entry
           within the active Switch Membership List Object for the
           Fabric identified by t11FcSpPoFabricIndex and managed
           within the Fibre Channel management instance identified
           by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoSwMembSwitchNameType, t11FcSpPoSwMembSwitchName }
    ::= { t11FcSpPoSwMembTable 1 }
        
T11FcSpPoSwMembEntry ::= SEQUENCE {
    t11FcSpPoSwMembSwitchNameType   T11FcSpPolicyNameType,
    t11FcSpPoSwMembSwitchName       FcNameIdOrZero,
    t11FcSpPoSwMembSwitchFlags      BITS,
    t11FcSpPoSwMembDomainID         FcDomainIdOrZero,
    t11FcSpPoSwMembPolicyDataRole   INTEGER,
    t11FcSpPoSwMembAuthBehaviour    BITS,
    t11FcSpPoSwMembAttribute        T11FcSpAlphaNumNameOrAbsent
}
        
T11FcSpPoSwMembEntry ::= SEQUENCE {
    t11FcSpPoSwMembSwitchNameType   T11FcSpPolicyNameType,
    t11FcSpPoSwMembSwitchName       FcNameIdOrZero,
    t11FcSpPoSwMembSwitchFlags      BITS,
    t11FcSpPoSwMembDomainID         FcDomainIdOrZero,
    t11FcSpPoSwMembPolicyDataRole   INTEGER,
    t11FcSpPoSwMembAuthBehaviour    BITS,
    t11FcSpPoSwMembAttribute        T11FcSpAlphaNumNameOrAbsent
}
        

t11FcSpPoSwMembSwitchNameType OBJECT-TYPE SYNTAX T11FcSpPolicyNameType { nodeName(1),

T11FCSPOSWMEMBSwitchNameType对象类型语法T11FcSpPolicyNameType{nodeName(1),

restrictedNodeName(2), wildcard(5), restrictedWildcard(6) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "If the value of this object is 'nodeName' or 'restrictedNodeName', then the combination of this object and t11FcSpPoSwMembSwitchName specify the Switch Name of this Switch Entry.

restrictedNodeName(2)、通配符(5)、restrictedWildcard(6)}MAX-ACCESS不可访问状态当前描述“如果此对象的值为'nodeName'或'restrictedNodeName',则此对象和T11FCSPOSWMEMBSwitchName的组合指定此开关项的开关名称。

The membership is restricted or unrestricted based on the name type. Restricted membership means that the Switch is not allowed to be part of the Fabric unless allowed by a specific Switch Connectivity Object. Unrestricted membership means that the Switch is allowed to be part of the Fabric unless disallowed by a specific Switch Connectivity Object.

根据名称类型限制或不限制成员资格。受限成员资格意味着除非特定交换机连接对象允许,否则不允许交换机成为结构的一部分。无限制成员资格意味着交换机被允许成为结构的一部分,除非特定交换机连接对象不允许。

           The values of 'wildcard' and 'restrictedWildcard' provide
           the means to specify whether to allow/deny membership for
           Switches not explicitly named in the Switch Membership
           List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoSwMembEntry 1 }
        
           The values of 'wildcard' and 'restrictedWildcard' provide
           the means to specify whether to allow/deny membership for
           Switches not explicitly named in the Switch Membership
           List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoSwMembEntry 1 }
        

t11FcSpPoSwMembSwitchName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "When the value of t11FcSpPoSwMembSwitchNameType is 'wildcard' or 'restrictedWildcard', this object has the value '0000000000000000'h.

T11FCSPOSWMEMBSwitchName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前描述“当T11FCSPOSWMEMBSwitchNameType的值为“通配符”或“受限通配符”时,此对象的值为“0000000000000000”。

           Otherwise, the combination of t11FcSpPoSwMembSwitchNameType
           and this object specify the Switch Name of this Switch
           Entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoSwMembEntry 2 }
        
           Otherwise, the combination of t11FcSpPoSwMembSwitchNameType
           and this object specify the Switch Name of this Switch
           Entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoSwMembEntry 2 }
        
t11FcSpPoSwMembSwitchFlags OBJECT-TYPE
    SYNTAX       BITS {
                     staticDomainID(0),
                     insistentDomainID(1),
                     serialPortsAccess(2),
                     physicalPortsAccess(3),
                     managerRole(4)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Switch:
        
t11FcSpPoSwMembSwitchFlags OBJECT-TYPE
    SYNTAX       BITS {
                     staticDomainID(0),
                     insistentDomainID(1),
                     serialPortsAccess(2),
                     physicalPortsAccess(3),
                     managerRole(4)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Switch:
        

'staticDomainID' - if this bit is set, the Switch uses the 'Static Domain_IDs behavior' (as defined in FC-SW-4). This bit needs to have the same setting for all Switches in a Fabric's Switch Membership List Object, or else the Fabric will partition. If this bit is set, the Domain_ID for the Switch is given by the corresponding instance of t11FcSpPoSwMembDomainID.

“staticDomainID”-如果设置了此位,交换机将使用“静态域ID行为”(如FC-SW-4中所定义)。对于结构的交换机成员列表对象中的所有交换机,此位需要具有相同的设置,否则结构将进行分区。如果设置了此位,则交换机的域ID由T11FCSPOSWMEMBDOMAINID的相应实例给出。

'insistentDomainID' - if this bit is set, the Switch uses the 'Insistent Domain_ID behavior' (see t11FamConfigDomainId of T11-FC-FABRIC-ADDR-MGR-MIB), the Domain_ID for the Switch is given by the corresponding instance of t11FcSpPoSwMembDomainID.

“ConsistentDomainID”-如果设置了此位,交换机将使用“ConsistentDomain_ID行为”(请参阅T11-FC-FABRIC-ADDR-MGR-MIB的t11FamConfigDomainId),交换机的域ID由T11FCSPOSWMBDomainID的相应实例给出。

'serialPortsAccess' - the Switch allows management through serial ports when and only when this bit is set.

“serialPortsAccess”-当且仅当设置此位时,交换机才允许通过串行端口进行管理。

'physicalPortsAccess' - the Switch allows management through the physical panel when and only when this bit is set.

“physicalPortsAccess”-当且仅当设置此位时,交换机才允许通过物理面板进行管理。

'managerRole' - the Switch is allowed to change the Fabric Policy configuration (on receipt of any of the EACA, Enhanced Stage Fabric Configuration (ESFC), Enhanced Update Fabric Configuration (EUFC), ACA, SFC, or UFC SW_ILSs) if and only if this bit is set.

“managerRole”-仅当设置了此位时,才允许交换机更改结构策略配置(在收到任何EACA、增强的阶段结构配置(ESFC)、增强的更新结构配置(EUFC)、ACA、SFC或UFC SW_ILSs)。

Whenever a Fabric has Active Policy Objects, the value of the t11FamConfigDomainIdType object defined in the T11-FC-FABRIC-ADDR-MGR-MIB module must be read-only and reflect the values of the 'staticDomainID' and 'insistentDomainID' bits of this object." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D,

每当结构具有活动策略对象时,在T11-FC-Fabric-ADDR-MGR-MIB模块中定义的T11FAMConfigDomainId对象的值必须是只读的,并反映此对象的“staticDomainID”和“ConsistentDomainId”位的值。“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,

              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 112.
            - Fibre Channel - Switch Fabric-4 (FC-SW-4),
              ANSI INCITS 418-2006, April 2006, section 7.1.
            - t11FamConfigDomainIdType, T11-FC-FABRIC-ADDR-MGR-MIB,
              Fibre Channel Fabric Address Manager MIB, RFC 4439."
    ::= { t11FcSpPoSwMembEntry 3 }
        
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 112.
            - Fibre Channel - Switch Fabric-4 (FC-SW-4),
              ANSI INCITS 418-2006, April 2006, section 7.1.
            - t11FamConfigDomainIdType, T11-FC-FABRIC-ADDR-MGR-MIB,
              Fibre Channel Fabric Address Manager MIB, RFC 4439."
    ::= { t11FcSpPoSwMembEntry 3 }
        

t11FcSpPoSwMembDomainID OBJECT-TYPE SYNTAX FcDomainIdOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "The specified Domain_ID value when either of the 'staticDomainID' or 'insistentDomainID' bits are set in the corresponding instance of t11FcSpPoSwMembSwitchFlags.

T11FCSPOSWMEMBDOMAINID对象类型语法FcDomainIdOrZero MAX-ACCESS只读状态当前描述“在T11FCSPOSWMEMBSwitchFlags的相应实例中设置“staticDomainID”或“ConsistentDomainId”位时,指定的域ID值。

           Whenever a Fabric has Active Policy Objects, the value
           of the t11FamConfigDomainId object defined in the
           T11-FC-FABRIC-ADDR-MGR-MIB module must be read-only and
           reflect the value of this object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and tables 111 and 112.
            - t11FamConfigDomainId, T11-FC-FABRIC-ADDR-MGR-MIB,
              Fibre Channel Fabric Address Manager MIB, RFC 4439."
    ::= { t11FcSpPoSwMembEntry 4 }
        
           Whenever a Fabric has Active Policy Objects, the value
           of the t11FamConfigDomainId object defined in the
           T11-FC-FABRIC-ADDR-MGR-MIB module must be read-only and
           reflect the value of this object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and tables 111 and 112.
            - t11FamConfigDomainId, T11-FC-FABRIC-ADDR-MGR-MIB,
              Fibre Channel Fabric Address Manager MIB, RFC 4439."
    ::= { t11FcSpPoSwMembEntry 4 }
        
t11FcSpPoSwMembPolicyDataRole OBJECT-TYPE
    SYNTAX       INTEGER {
                     client(1),
                     autonomous(2),
                     server(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The role of the Switch in terms of which Policy data
           it retains/maintains:
        
t11FcSpPoSwMembPolicyDataRole OBJECT-TYPE
    SYNTAX       INTEGER {
                     client(1),
                     autonomous(2),
                     server(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The role of the Switch in terms of which Policy data
           it retains/maintains:
        

'client' - the Switch operates as a Client Switch. A Client Switch maintains its own Switch Connectivity Object and all Fabric-wide List Objects. If FC-SP Zoning is used, a Client Switch maintains only the subset of the Active Zone Set that it requires to enforce the current Fabric Zoning configuration.

“客户端”-交换机作为客户端交换机运行。客户端交换机维护其自己的交换机连接对象和所有结构范围的列表对象。如果使用FC-SP分区,则客户端交换机仅维护强制当前结构分区配置所需的活动分区集的子集。

'autonomous' - the Switch operates as an Autonomous Switch. An Autonomous Switch maintains its own Switch Connectivity Object and all Fabric-wide List Objects. This is the same as 'client' except that if FC-SP Zoning is used, an Autonomous Switch maintains a complete copy of the Fabric Zoning Database.

“自动”——开关作为自动开关运行。自治交换机维护其自己的交换机连接对象和所有结构范围的列表对象。这与“客户端”相同,只是如果使用FC-SP分区,自治交换机会维护结构分区数据库的完整副本。

             'server' - the Switch operates as a Server Switch.
           A Server Switch maintains all Fabric-wide List Objects
           and the Switch Connectivity Objects of each Switch in
           the Fabric.  If FC-SP Zoning is used, a Server Switch
           maintains a complete copy of the Fabric Zoning Database."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 113."
    ::= { t11FcSpPoSwMembEntry 5 }
        
             'server' - the Switch operates as a Server Switch.
           A Server Switch maintains all Fabric-wide List Objects
           and the Switch Connectivity Objects of each Switch in
           the Fabric.  If FC-SP Zoning is used, a Server Switch
           maintains a complete copy of the Fabric Zoning Database."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 113."
    ::= { t11FcSpPoSwMembEntry 5 }
        
t11FcSpPoSwMembAuthBehaviour  OBJECT-TYPE
    SYNTAX       BITS {
                     mustAuthenticate(0),
                     rejectIsFailure(1)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The authentication behaviour of the Switch:
        
t11FcSpPoSwMembAuthBehaviour  OBJECT-TYPE
    SYNTAX       BITS {
                     mustAuthenticate(0),
                     rejectIsFailure(1)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The authentication behaviour of the Switch:
        

'mustAuthenticate' - if this bit is set, all connections between this Switch and neighbor Switches must be authenticated.

“mustAuthenticate”-如果设置了此位,则必须验证此交换机和相邻交换机之间的所有连接。

             'rejectIsFailure' - if this bit is set, the rejection of
           an AUTH_Negotiate message must be considered as an
           authentication failure by this Switch."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 114."
    ::= { t11FcSpPoSwMembEntry 6 }
        
             'rejectIsFailure' - if this bit is set, the rejection of
           an AUTH_Negotiate message must be considered as an
           authentication failure by this Switch."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 114."
    ::= { t11FcSpPoSwMembEntry 6 }
        

t11FcSpPoSwMembAttribute OBJECT-TYPE SYNTAX T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read-only STATUS current DESCRIPTION "The name of an active Attribute Policy Object that is defined for this Switch, or the zero-length string. The

T11FCSPOSWMEMBATTribute对象类型语法T11FcSpAlphaNumNameOrAbsent MAX-ACCESS只读状态当前描述“为该开关定义的活动属性策略对象的名称,或零长度字符串

           zero-length string indicates that no Attribute Policy
           Object is defined for this Switch."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoSwMembEntry 7 }
        
           zero-length string indicates that no Attribute Policy
           Object is defined for this Switch."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoSwMembEntry 7 }
        

-- -- Node Entries in Active Node Membership List Objects --

----活动节点成员列表对象中的节点条目--

t11FcSpPoNoMembTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNoMembEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Node Entries in active Node Membership List Objects.

T11FCSPONOMEMMBTABLE T11FCSPONOMEMBENTRY MAX-ACCESS的对象类型语法序列不可访问状态当前描述“活动节点成员资格列表对象中的节点条目表”。

           One Node Membership List Object is represented by all
           of the rows of this table that have the same values
           of fcmInstanceIndex and t11FcSpPoFabricIndex."
    ::= { t11FcSpPoActive 4 }
        
           One Node Membership List Object is represented by all
           of the rows of this table that have the same values
           of fcmInstanceIndex and t11FcSpPoFabricIndex."
    ::= { t11FcSpPoActive 4 }
        
t11FcSpPoNoMembEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoNoMembEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one Node Entry
           within the active Node Membership List Object for the
           Fabric identified by t11FcSpPoFabricIndex and managed
           within the Fibre Channel management instance identified
           by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNoMembNodeNameType, t11FcSpPoNoMembNodeName }
    ::= { t11FcSpPoNoMembTable 1 }
        
t11FcSpPoNoMembEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoNoMembEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one Node Entry
           within the active Node Membership List Object for the
           Fabric identified by t11FcSpPoFabricIndex and managed
           within the Fibre Channel management instance identified
           by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNoMembNodeNameType, t11FcSpPoNoMembNodeName }
    ::= { t11FcSpPoNoMembTable 1 }
        
T11FcSpPoNoMembEntry ::= SEQUENCE {
    t11FcSpPoNoMembNodeNameType   T11FcSpPolicyNameType,
    t11FcSpPoNoMembNodeName       FcNameIdOrZero,
    t11FcSpPoNoMembFlags          BITS,
    t11FcSpPoNoMembCtAccessIndex  Unsigned32,
    t11FcSpPoNoMembAttribute      T11FcSpAlphaNumNameOrAbsent
}
        
T11FcSpPoNoMembEntry ::= SEQUENCE {
    t11FcSpPoNoMembNodeNameType   T11FcSpPolicyNameType,
    t11FcSpPoNoMembNodeName       FcNameIdOrZero,
    t11FcSpPoNoMembFlags          BITS,
    t11FcSpPoNoMembCtAccessIndex  Unsigned32,
    t11FcSpPoNoMembAttribute      T11FcSpAlphaNumNameOrAbsent
}
        

t11FcSpPoNoMembNodeNameType OBJECT-TYPE

T11FCSPONOMEMBNodeNameType对象类型

    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this Node Entry applies to Nodes not
           explicitly named in the Node Membership List Object.
        
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this Node Entry applies to Nodes not
           explicitly named in the Node Membership List Object.
        

Otherwise, the combination of this object and t11FcSpPoNoMembNodeName specify the name of this Node Entry in the active Node Membership List Object. A Node is identified by its Node Name or by one or more of its Port Names.

否则,此对象和T11FCSPONOMEMBNodeName的组合将在活动节点成员列表对象中指定此节点项的名称。节点由其节点名或一个或多个端口名标识。

           Restricted membership means that a Node is not allowed to be
           connected to the Fabric unless allowed by a specific Switch
           Connectivity Object.  Unrestricted membership means that a
           Node is allowed to be connected to the Fabric unless
           disallowed by a specific Switch Connectivity Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNoMembEntry 1 }
        
           Restricted membership means that a Node is not allowed to be
           connected to the Fabric unless allowed by a specific Switch
           Connectivity Object.  Unrestricted membership means that a
           Node is allowed to be connected to the Fabric unless
           disallowed by a specific Switch Connectivity Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNoMembEntry 1 }
        

t11FcSpPoNoMembNodeName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "If the value of t11FcSpPoNoMembNodeNameType is 'wildcard' or 'restrictedWildcard', this object has the value '0000000000000000'h.

T11FCSPONOMEMBNODENAME对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前描述“如果T11FCSPONOMEMBNODENAMETYPE的值为“通配符”或“受限通配符”,则此对象的值为“0000000000000000”。

Otherwise, the combination of t11FcSpPoNoMembNodeNameType and this object specify the name of this Node Entry is the active Node Membership List Object." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, section 7.1.4.1 and table 116."

否则,T11FCSPONOMEMBNODENAMETYPE和此对象的组合指定此节点条目的名称为活动节点成员列表对象。“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,第7.1.4.1节和表116。”

    ::= { t11FcSpPoNoMembEntry 2 }
        
    ::= { t11FcSpPoNoMembEntry 2 }
        
t11FcSpPoNoMembFlags OBJECT-TYPE
    SYNTAX       BITS {
                     scsiEnclosureAccess(0),
                     authenticationRequired(1)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Node:
        
t11FcSpPoNoMembFlags OBJECT-TYPE
    SYNTAX       BITS {
                     scsiEnclosureAccess(0),
                     authenticationRequired(1)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Node:
        

'scsiEnclosureAccess' - the Node is allowed to control any Switch through SCSI Enclosure Services if this bit is set. If a Switch does not support SCSI Enclosure Services, this bit is ignored.

“scsiEnclosureAccess”-如果设置了此位,则允许节点通过SCSI机柜服务控制任何交换机。如果交换机不支持SCSI机柜服务,则忽略此位。

                'authenticationRequired'   - the Node is required to
           authenticate itself to any Switch to which it is connected
           if and only if this bit is set."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 118."
    ::= { t11FcSpPoNoMembEntry 3 }
        
                'authenticationRequired'   - the Node is required to
           authenticate itself to any Switch to which it is connected
           if and only if this bit is set."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 118."
    ::= { t11FcSpPoNoMembEntry 3 }
        

t11FcSpPoNoMembCtAccessIndex OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "If the value of this object is zero, then access by this Node to Generic Services is not limited by a Common Transport Access Specifier.

T11FCSPONOMEMBCTAccessIndex对象类型语法Unsigned32(0..4294967295)MAX-ACCESS只读状态当前描述“如果此对象的值为零,则此节点对通用服务的访问不受通用传输访问说明符的限制。

           Otherwise, the limits are specified by the set of Common
           Transport Access Descriptors contained in those rows of
           the t11FcSpPoCtDescrTable for the same Fabric and for which
           the value of t11FcSpPoCtDescrSpecifierIndex is the same as
           the value of this object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.4.1 and tables 118/119/120/121."
    ::= { t11FcSpPoNoMembEntry 4 }
        
           Otherwise, the limits are specified by the set of Common
           Transport Access Descriptors contained in those rows of
           the t11FcSpPoCtDescrTable for the same Fabric and for which
           the value of t11FcSpPoCtDescrSpecifierIndex is the same as
           the value of this object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.4.1 and tables 118/119/120/121."
    ::= { t11FcSpPoNoMembEntry 4 }
        

t11FcSpPoNoMembAttribute OBJECT-TYPE

T11FCSPONOMEMBATTribute对象类型

    SYNTAX       T11FcSpAlphaNumNameOrAbsent
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of an active Attribute Policy Object that is
           defined for this Node, or the zero-length string.  The
           zero-length string indicates that no Attribute Policy
           Object is defined for this Node."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNoMembEntry 5 }
        
    SYNTAX       T11FcSpAlphaNumNameOrAbsent
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of an active Attribute Policy Object that is
           defined for this Node, or the zero-length string.  The
           zero-length string indicates that no Attribute Policy
           Object is defined for this Node."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNoMembEntry 5 }
        

-- -- -- Common Transport Access Descriptors --

----通用传输访问描述符--

t11FcSpPoCtDescrTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoCtDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Common Transport Access Descriptors being used within active Policy Objects.

T11FCSPOCTDESCRENTRY MAX-ACCESS的T11FCSPOCTDESCRENTRY对象类型语法序列不可访问状态当前描述“活动策略对象中使用的常用传输访问描述符表。

A Common Transport Access Specifier is a list of Common Transport Access Descriptors that specify whether a Node is allowed to access a Generic Service or Sub-Server.

公共传输访问说明符是公共传输访问说明符的列表,用于指定是否允许节点访问通用服务或子服务器。

           An active Common Transport Access Specifier is represented
           by all rows of this table that have the same values of
           fcmInstanceIndex, t11FcSpPoFabricIndex, and
           t11FcSpPoCtDescrSpecifierIndex."
    ::= { t11FcSpPoActive 5 }
        
           An active Common Transport Access Specifier is represented
           by all rows of this table that have the same values of
           fcmInstanceIndex, t11FcSpPoFabricIndex, and
           t11FcSpPoCtDescrSpecifierIndex."
    ::= { t11FcSpPoActive 5 }
        

t11FcSpPoCtDescrEntry OBJECT-TYPE SYNTAX T11FcSpPoCtDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Common Transport Access Descriptor of an active Common Transport Access Specifier used within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex." INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,

T11FCSPOCTDESCRENTRY对象类型语法T11FCSPOCTDESCRENTRY MAX-ACCESS不可访问状态当前说明“每个条目都包含有关活动公共传输访问说明符的一个公共传输访问说明符的信息,该说明符在由T11FCSPoFabricindex标识的结构中使用,并在由fcmInstanceIndex标识的光纤通道管理实例中管理。”索引{fcmInstanceIndex,T11FCSPoFabricindex,

             t11FcSpPoCtDescrSpecifierIndex, t11FcSpPoCtDescrIndex }
    ::= { t11FcSpPoCtDescrTable 1 }
        
             t11FcSpPoCtDescrSpecifierIndex, t11FcSpPoCtDescrIndex }
    ::= { t11FcSpPoCtDescrTable 1 }
        
T11FcSpPoCtDescrEntry ::= SEQUENCE {
    t11FcSpPoCtDescrSpecifierIndex   Unsigned32,
    t11FcSpPoCtDescrIndex            Unsigned32,
    t11FcSpPoCtDescrFlags            BITS,
    t11FcSpPoCtDescrGsType           OCTET STRING,
    t11FcSpPoCtDescrGsSubType        OCTET STRING
}
        
T11FcSpPoCtDescrEntry ::= SEQUENCE {
    t11FcSpPoCtDescrSpecifierIndex   Unsigned32,
    t11FcSpPoCtDescrIndex            Unsigned32,
    t11FcSpPoCtDescrFlags            BITS,
    t11FcSpPoCtDescrGsType           OCTET STRING,
    t11FcSpPoCtDescrGsSubType        OCTET STRING
}
        
t11FcSpPoCtDescrSpecifierIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Specifier within a Fabric."
    ::= { t11FcSpPoCtDescrEntry 1 }
        
t11FcSpPoCtDescrSpecifierIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Specifier within a Fabric."
    ::= { t11FcSpPoCtDescrEntry 1 }
        
t11FcSpPoCtDescrIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Descriptor within a Common Transport
           Access Specifier."
    ::= { t11FcSpPoCtDescrEntry 2 }
        
t11FcSpPoCtDescrIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Descriptor within a Common Transport
           Access Specifier."
    ::= { t11FcSpPoCtDescrEntry 2 }
        
t11FcSpPoCtDescrFlags OBJECT-TYPE
    SYNTAX       BITS {
                     allow(0),
                     gsTypeWildcard(1),
                     gsSubTypeWildcard(2),
                     readOnly(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The flag bits that specify how access is to be limited by
           this Common Transport Access Descriptor:
        
t11FcSpPoCtDescrFlags OBJECT-TYPE
    SYNTAX       BITS {
                     allow(0),
                     gsTypeWildcard(1),
                     gsSubTypeWildcard(2),
                     readOnly(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The flag bits that specify how access is to be limited by
           this Common Transport Access Descriptor:
        

- allow -- access to the specified Generic Service and Server is allowed if this bit is set, and is to be denied if this bit is not set.

- allow——如果设置了此位,则允许访问指定的通用服务和服务器;如果未设置此位,则拒绝访问。

- gsTypeWildcard -- if this bit is set, the Generic Service

- gsTypeWildcard——如果设置了此位,则通用服务

to be allowed/denied is specified by the value of t11FcSpPoCtDescrGsType. If this bit is set, then the gsSubTypeWildcard bit must not be set.

允许/拒绝由T11FCSPOCTDESCRGSTYPE的值指定。如果设置了该位,则不能设置GSSubsubject通配符位。

- gsSubTypeWildcard -- if this bit is set, the Generic Service to be allowed/denied is specified by the value of t11FcSpPoCtDescrGsSubType. If this bit is set, then the gsTypeWildcard bit must not be set.

- GSSubjectWildcard——如果设置了此位,则允许/拒绝的通用服务由T11FCSPOCTDESCRGSSUBTYPE的值指定。如果设置了此位,则不能设置GSTYPE通配符位。

            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    ::= { t11FcSpPoCtDescrEntry 3 }
        
            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    ::= { t11FcSpPoCtDescrEntry 3 }
        
t11FcSpPoCtDescrGsType OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The GS_Type of the Generic Service (e.g., the FC-GS-5
           Management Service) that is subject to access control.
           This value is ignored if the gsTypeWildcard bit is not set
           in the corresponding value of t11FcSpPoCtDescrFlags."
    REFERENCE
           "- Fibre Channel - Generic Services-5 (FC-GS-5),
              ANSI INCITS 427-2006, section 4.3.2.4."
    ::= { t11FcSpPoCtDescrEntry 4 }
        
t11FcSpPoCtDescrGsType OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The GS_Type of the Generic Service (e.g., the FC-GS-5
           Management Service) that is subject to access control.
           This value is ignored if the gsTypeWildcard bit is not set
           in the corresponding value of t11FcSpPoCtDescrFlags."
    REFERENCE
           "- Fibre Channel - Generic Services-5 (FC-GS-5),
              ANSI INCITS 427-2006, section 4.3.2.4."
    ::= { t11FcSpPoCtDescrEntry 4 }
        
t11FcSpPoCtDescrGsSubType OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The GS_Subtype of the Generic Server (e.g., the Fabric Zone
           Server) that is subject to access control.  This value is
           ignored if the gsSubTypeWildcard bit is not set in the
           corresponding value of t11FcSpPoCtDescrFlags."
    REFERENCE
           "- Fibre Channel - Generic Services-5 (FC-GS-5),
              ANSI INCITS 427-2006, section 4.3.2.5."
    ::= { t11FcSpPoCtDescrEntry 5 }
        
t11FcSpPoCtDescrGsSubType OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The GS_Subtype of the Generic Server (e.g., the Fabric Zone
           Server) that is subject to access control.  This value is
           ignored if the gsSubTypeWildcard bit is not set in the
           corresponding value of t11FcSpPoCtDescrFlags."
    REFERENCE
           "- Fibre Channel - Generic Services-5 (FC-GS-5),
              ANSI INCITS 427-2006, section 4.3.2.5."
    ::= { t11FcSpPoCtDescrEntry 5 }
        

-- -- -- Switches/Nodes in Active Switch Connectivity Objects --

----活动交换机连接对象中的交换机/节点--

t11FcSpPoSwConnTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoSwConnEntry

T11FCSPOSWConntry的T11FCSPOSWConTable对象类型语法序列

MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of active Switch Connectivity Objects.

MAX-ACCESS not ACCESS STATUS current DESCRIPTION“活动交换机连接对象表。

           A Switch Connectivity Object defines to which other
           Switches or Nodes a particular Switch may/may not be
           connected at the Node level and/or at the Port level."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1, tables 123/124."
    ::= { t11FcSpPoActive 6 }
        
           A Switch Connectivity Object defines to which other
           Switches or Nodes a particular Switch may/may not be
           connected at the Node level and/or at the Port level."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1, tables 123/124."
    ::= { t11FcSpPoActive 6 }
        

t11FcSpPoSwConnEntry OBJECT-TYPE SYNTAX T11FcSpPoSwConnEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the name of either a Switch or a Node with which any port of a particular Switch, or a particular port of that Switch, is allowed or not allowed to be connected.

T11FCSPOSWConnentry对象类型语法T11FCSPOSWConnentry MAX-ACCESS not accessible STATUS current DESCRIPTION“每个条目包含允许或不允许连接特定交换机的任何端口或该交换机的特定端口的交换机或节点的名称。

           The particular Switch is on the Fabric identified by
           t11FcSpPoFabricIndex and managed within the Fibre Channel
           management instance identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoSwConnSwitchName, t11FcSpPoSwConnAllowedType,
             t11FcSpPoSwConnPortNameOrAll,
             t11FcSpPoSwConnAllowedIndex }
    ::= { t11FcSpPoSwConnTable 1 }
        
           The particular Switch is on the Fabric identified by
           t11FcSpPoFabricIndex and managed within the Fibre Channel
           management instance identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoSwConnSwitchName, t11FcSpPoSwConnAllowedType,
             t11FcSpPoSwConnPortNameOrAll,
             t11FcSpPoSwConnAllowedIndex }
    ::= { t11FcSpPoSwConnTable 1 }
        
T11FcSpPoSwConnEntry ::= SEQUENCE {
    t11FcSpPoSwConnSwitchName       FcNameIdOrZero,
    t11FcSpPoSwConnAllowedType      INTEGER,
    t11FcSpPoSwConnPortNameOrAll    FcNameIdOrZero,
    t11FcSpPoSwConnAllowedIndex     Unsigned32,
    t11FcSpPoSwConnAllowedNameType  T11FcSpPolicyNameType,
    t11FcSpPoSwConnAllowedName      T11FcSpPolicyName
}
        
T11FcSpPoSwConnEntry ::= SEQUENCE {
    t11FcSpPoSwConnSwitchName       FcNameIdOrZero,
    t11FcSpPoSwConnAllowedType      INTEGER,
    t11FcSpPoSwConnPortNameOrAll    FcNameIdOrZero,
    t11FcSpPoSwConnAllowedIndex     Unsigned32,
    t11FcSpPoSwConnAllowedNameType  T11FcSpPolicyNameType,
    t11FcSpPoSwConnAllowedName      T11FcSpPolicyName
}
        

t11FcSpPoSwConnSwitchName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of the particular Switch for which this Switch

T11FCSPOSWCONNSwitchName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前描述“此开关用于的特定开关的名称

           Connectivity Object specifies topology restrictions."
    ::= { t11FcSpPoSwConnEntry 1 }
        
           Connectivity Object specifies topology restrictions."
    ::= { t11FcSpPoSwConnEntry 1 }
        
t11FcSpPoSwConnAllowedType OBJECT-TYPE
    SYNTAX       INTEGER { switch(1), node(2) }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object specifies whether this row refers to
           Switch-to-Switch or Switch-to-Node connectivity, i.e.,
           whether the corresponding instance of
           t11FcSpPoSwConnAllowedName specifies the name of a Switch
           or the name of a Node."
    ::= { t11FcSpPoSwConnEntry 2 }
        
t11FcSpPoSwConnAllowedType OBJECT-TYPE
    SYNTAX       INTEGER { switch(1), node(2) }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object specifies whether this row refers to
           Switch-to-Switch or Switch-to-Node connectivity, i.e.,
           whether the corresponding instance of
           t11FcSpPoSwConnAllowedName specifies the name of a Switch
           or the name of a Node."
    ::= { t11FcSpPoSwConnEntry 2 }
        

t11FcSpPoSwConnPortNameOrAll OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE(0 | 8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object specifies either the particular port to which this topology restriction applies, or if the value is the zero-length string, that the topology restriction applies to all ports on the particular Switch.

T11FCSPOSWCONNPORTNAMEORL对象类型语法FcNameIdOrZero(大小(0 | 8))MAX-ACCESS not ACCESS STATUS current DESCRIPTION“此对象指定应用此拓扑限制的特定端口,或者如果该值为零长度字符串,则拓扑限制应用于特定交换机上的所有端口。

           In the FC-SP Policy Database, restrictions for a particular
           port are formatted within a Port Connectivity Entry of a
           Switch Connectivity Object, whereas restrictions for all
           ports on the Switch are specified in the main part of a
           Switch Connectivity Object, i.e., not in a Port Connectivity
           Entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1, tables 123/124."
    ::= { t11FcSpPoSwConnEntry 3 }
        
           In the FC-SP Policy Database, restrictions for a particular
           port are formatted within a Port Connectivity Entry of a
           Switch Connectivity Object, whereas restrictions for all
           ports on the Switch are specified in the main part of a
           Switch Connectivity Object, i.e., not in a Port Connectivity
           Entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1, tables 123/124."
    ::= { t11FcSpPoSwConnEntry 3 }
        
t11FcSpPoSwConnAllowedIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "When multiple rows in this table apply to the same
           port(s) in the same Switch's Switch Connectivity Object,
           this object provides a unique index value to distinguish
           between such rows."
    ::= { t11FcSpPoSwConnEntry 4 }
        
t11FcSpPoSwConnAllowedIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "When multiple rows in this table apply to the same
           port(s) in the same Switch's Switch Connectivity Object,
           this object provides a unique index value to distinguish
           between such rows."
    ::= { t11FcSpPoSwConnEntry 4 }
        
t11FcSpPoSwConnAllowedNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this row specifies whether
           connectivity is allowed/not allowed with entities not
           explicitly named by other rows.
        
t11FcSpPoSwConnAllowedNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this row specifies whether
           connectivity is allowed/not allowed with entities not
           explicitly named by other rows.
        

Otherwise, the combination of t11FcSpPoSwConnAllowedNameType and t11FcSpPoSwConnAllowedName specify the name of:

否则,T11FCSPOSWCONNALLOWEDNAMETYPE和T11FCSPOSWCONNALLOWEDNAME的组合将指定以下名称:

- a Switch (if t11FcSpPoSwConnAllowedType = 'switch'), or - a Node (if t11FcSpPoSwConnAllowedType = 'node')

- 一个开关(如果T11FCSPOSWCONNALLOWEDTYPE='Switch')或一个节点(如果T11FCSPOSWCONNALLOWEDTYPE='Node')

to which connectivity is:

连接到的目标是:

            - allowed by 'nodeName' and 'portName',
            - not allowed by 'restrictedNodeName' and
              'restrictedPortName'."
    ::= { t11FcSpPoSwConnEntry 5 }
        
            - allowed by 'nodeName' and 'portName',
            - not allowed by 'restrictedNodeName' and
              'restrictedPortName'."
    ::= { t11FcSpPoSwConnEntry 5 }
        

t11FcSpPoSwConnAllowedName OBJECT-TYPE SYNTAX T11FcSpPolicyName (SIZE (8)) MAX-ACCESS read-only STATUS current DESCRIPTION "If the value of t11FcSpPoSwConnAllowedNameType is 'wildcard' or 'restrictedWildcard', this object has the value '0000000000000000'h.

T11FCSPOSWCONNALLowedName对象类型语法T11FCSPolicName(大小(8))MAX-ACCESS只读状态当前说明“如果T11FCSPOSWCONNALLowedName的值为“通配符”或“受限通配符”,则此对象的值为“0000000000000000”。

Otherwise, the combination of t11FcSpPoSwConnAllowedNameType and t11FcSpPoSwConnAllowedName specify the name of:

否则,T11FCSPOSWCONNALLOWEDNAMETYPE和T11FCSPOSWCONNALLOWEDNAME的组合将指定以下名称:

- a Switch (if t11FcSpPoSwConnAllowedType = 'switch'), or - a Node (if t11FcSpPoSwConnAllowedType = 'node')

- 一个开关(如果T11FCSPOSWCONNALLOWEDTYPE='Switch')或一个节点(如果T11FCSPOSWCONNALLOWEDTYPE='Node')

           to which connectivity is allowed/restricted."
    ::= { t11FcSpPoSwConnEntry 6 }
        
           to which connectivity is allowed/restricted."
    ::= { t11FcSpPoSwConnEntry 6 }
        

-- -- IP Management Entries in Active IP Management List Objects --

----活动IP管理列表对象中的IP管理条目--

t11FcSpPoIpMgmtTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoIpMgmtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of IP Management Entries in active IP Management List Objects. An IP Management List Object is a Fabric-wide Policy Object that describes which IP hosts are allowed to manage a Fabric.

T11FCSPOPIPMGTTABLE对象类型T11FCSPOPIPGMENTRY MAX-ACCESS的语法序列不可访问状态当前描述“活动IP管理列表对象中的IP管理项表。IP管理列表对象是一个结构范围的策略对象,描述允许哪些IP主机管理结构。

           One IP Management List Object is represented by all
           of the rows of this table that have the same values
           of fcmInstanceIndex and t11FcSpPoFabricIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7"
    ::= { t11FcSpPoActive 7 }
        
           One IP Management List Object is represented by all
           of the rows of this table that have the same values
           of fcmInstanceIndex and t11FcSpPoFabricIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7"
    ::= { t11FcSpPoActive 7 }
        

t11FcSpPoIpMgmtEntry OBJECT-TYPE SYNTAX T11FcSpPoIpMgmtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one IP Management Entry within the active IP Management List Object for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPOPGMtentry对象类型语法T11FCSPOPIPGMtentry MAX-ACCESS不可访问状态当前说明“每个条目都包含有关T11FCSPoFabricindex标识的结构的活动IP管理列表对象中的一个IP管理条目的信息,并在fcmInstanceIndex标识的光纤通道管理实例中进行管理。

The Policy Object Name of an IP Management Entry Policy Object is either an IPv6 Address Range or an IPv4 Address Range, where in each case, the range is specified as two addresses: the low and high ends of the range. In particular, since the Policy Object Name in this situation can only be an IPv6 Address Range or an IPv4 Address Range, it is represented here by three MIB objects defined as a (InetAddressType, InetAddress, InetAddress) tuple, in which the first address is the low end of the range, the second address is the high end of the range, and both addresses are of the type designated by InetAddressType.

IP管理条目策略对象的策略对象名称是IPv6地址范围或IPv4地址范围,在每种情况下,该范围都指定为两个地址:范围的低端和高端。特别是,由于这种情况下的策略对象名称只能是IPv6地址范围或IPv4地址范围,因此在此由三个定义为(InetAddressType,InetAddress,InetAddress)元组的MIB对象表示,其中第一个地址是范围的低端,第二个地址是范围的高端,这两个地址都是InetAddressType指定的类型。

In theory, the use of t11FcSpPoIpMgmtEntryNameLow and t11FcSpPoIpMgmtEntryNameHigh (which both have the syntax

理论上,使用T11FCSPOPIPGMtentryNameLow和T11FCSPOPIPGMtentryNameHigh(两者都有语法

           of InetAddress) in the INDEX could cause the need for
           excessively long OIDs.  In practice, this can't happen
           because FC-SP doesn't allow these objects to be specified
           as DNS names."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoIpMgmtEntryNameType,
             t11FcSpPoIpMgmtEntryNameLow,
             t11FcSpPoIpMgmtEntryNameHigh }
    ::= { t11FcSpPoIpMgmtTable 1 }
        
           of InetAddress) in the INDEX could cause the need for
           excessively long OIDs.  In practice, this can't happen
           because FC-SP doesn't allow these objects to be specified
           as DNS names."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoIpMgmtEntryNameType,
             t11FcSpPoIpMgmtEntryNameLow,
             t11FcSpPoIpMgmtEntryNameHigh }
    ::= { t11FcSpPoIpMgmtTable 1 }
        
T11FcSpPoIpMgmtEntry ::= SEQUENCE {
    t11FcSpPoIpMgmtEntryNameType   InetAddressType,
    t11FcSpPoIpMgmtEntryNameLow    InetAddress,
    t11FcSpPoIpMgmtEntryNameHigh   InetAddress,
    t11FcSpPoIpMgmtWkpIndex        Unsigned32,
    t11FcSpPoIpMgmtAttribute       T11FcSpAlphaNumNameOrAbsent
}
        
T11FcSpPoIpMgmtEntry ::= SEQUENCE {
    t11FcSpPoIpMgmtEntryNameType   InetAddressType,
    t11FcSpPoIpMgmtEntryNameLow    InetAddress,
    t11FcSpPoIpMgmtEntryNameHigh   InetAddress,
    t11FcSpPoIpMgmtWkpIndex        Unsigned32,
    t11FcSpPoIpMgmtAttribute       T11FcSpAlphaNumNameOrAbsent
}
        

t11FcSpPoIpMgmtEntryNameType OBJECT-TYPE SYNTAX InetAddressType -- INTEGER { ipv4(1), ipv6(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The combination of t11FcSpPoIpMgmtNameType, t11FcSpPoIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh specify the Internet address range of this IP Management Entry in the IP Management List Object.

T11FCSPOPIPGMtentryNameType对象类型语法InetAddressType--整数{ipv4(1),ipv6(2)}MAX-ACCESS不可访问状态当前描述“T11FCSPOPIPGMTNAMETYPE,T11FCSPOPIPGMTNAMETLOW和T11FCSPOPIPGMTNAMETHIGH的组合在IP管理列表对象中指定此IP管理项的Internet地址范围。

           The FC-SP specification does not allow the use of a
           DNS domain name to specify the address at the lower end
           or at the higher end of the Internet address range, nor does
           it allow the specification of a zone index.  Therefore, the
           type of address must be one of: 'ipv4', or 'ipv6'."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              sections 7.1.7.1 & 7.1.2, tables 103/126."
    ::= { t11FcSpPoIpMgmtEntry 1 }
        
           The FC-SP specification does not allow the use of a
           DNS domain name to specify the address at the lower end
           or at the higher end of the Internet address range, nor does
           it allow the specification of a zone index.  Therefore, the
           type of address must be one of: 'ipv4', or 'ipv6'."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              sections 7.1.7.1 & 7.1.2, tables 103/126."
    ::= { t11FcSpPoIpMgmtEntry 1 }
        

t11FcSpPoIpMgmtEntryNameLow OBJECT-TYPE SYNTAX InetAddress (SIZE(4 | 16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The lower end of an Internet address range. The type of this address is given by the corresponding instance of t11FcSpPoIpMgmtEntryNameType.

T11FCSPOPIPGMtentryNameLow对象类型语法InetAddress(大小(4 | 16))MAX-ACCESS not accessible STATUS current DESCRIPTION“Internet地址范围的下限。此地址的类型由T11FCSPOPIPMMtentryNameType的相应实例给出。

           The combination of t11FcSpPoIpMgmtNameType,
           t11FcSpPoIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              sections 7.1.7.1 & 7.1.2, tables 103/126."
    ::= { t11FcSpPoIpMgmtEntry 2 }
        
           The combination of t11FcSpPoIpMgmtNameType,
           t11FcSpPoIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              sections 7.1.7.1 & 7.1.2, tables 103/126."
    ::= { t11FcSpPoIpMgmtEntry 2 }
        

t11FcSpPoIpMgmtEntryNameHigh OBJECT-TYPE SYNTAX InetAddress (SIZE(4 | 16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The higher end of an Internet address range. The type of this address is given by the corresponding instance of t11FcSpPoIpMgmtEntryNameType.

T11FCSPOPIPGMtentryNameHigh对象类型语法InetAddress(大小(4 | 16))MAX-ACCESS not accessible STATUS current DESCRIPTION“Internet地址范围的高端。此地址的类型由T11FCSPOPOPMPtentryNameType的相应实例提供。

           The combination of t11FcSpPoIpMgmtNameType,
           t11FcSpPoIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 & 7.1.2, tables 103/126."
    ::= { t11FcSpPoIpMgmtEntry 3 }
        
           The combination of t11FcSpPoIpMgmtNameType,
           t11FcSpPoIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 & 7.1.2, tables 103/126."
    ::= { t11FcSpPoIpMgmtEntry 3 }
        
t11FcSpPoIpMgmtWkpIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (0..4294967295)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object identifies the restrictions for IP management
           access by IP hosts in this range of IP addresses, specified
           as the set of Well-Known Protocols Access Descriptors
           contained in those rows of the t11FcSpPoWkpDescrTable for
           which the value of t11FcSpPoWkpDescrSpecifierIndex is the
           same as the value of this object.  A value of zero indicates
           that this IP Management Entry does not identify a Well-Known
           Protocols Access Specifier."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and tables 127/129."
    ::= { t11FcSpPoIpMgmtEntry 4 }
        
t11FcSpPoIpMgmtWkpIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (0..4294967295)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object identifies the restrictions for IP management
           access by IP hosts in this range of IP addresses, specified
           as the set of Well-Known Protocols Access Descriptors
           contained in those rows of the t11FcSpPoWkpDescrTable for
           which the value of t11FcSpPoWkpDescrSpecifierIndex is the
           same as the value of this object.  A value of zero indicates
           that this IP Management Entry does not identify a Well-Known
           Protocols Access Specifier."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and tables 127/129."
    ::= { t11FcSpPoIpMgmtEntry 4 }
        
t11FcSpPoIpMgmtAttribute OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumNameOrAbsent
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of an active Attribute Policy Object that is
           defined for this IP Management entry or the zero-length
           string.  The zero-length string indicates that no Attribute
           Policy Object is defined for this IP Management entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 128."
    ::= { t11FcSpPoIpMgmtEntry 5 }
        
t11FcSpPoIpMgmtAttribute OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumNameOrAbsent
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of an active Attribute Policy Object that is
           defined for this IP Management entry or the zero-length
           string.  The zero-length string indicates that no Attribute
           Policy Object is defined for this IP Management entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 128."
    ::= { t11FcSpPoIpMgmtEntry 5 }
        

-- -- Well-Known Protocol Access Descriptors --

----众所周知的协议访问描述符--

t11FcSpPoWkpDescrTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoWkpDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of the Well-Known Protocol Access Descriptors being used within active Policy Objects.

T11FCSPOWKPDESCRTABLE对象类型T11FCSPOWKPDESCRENTRY MAX-ACCESS not ACCESS STATUS current DESCRATION“活动策略对象中使用的已知协议访问描述符的表。

A Well-Known Protocol Access Specifier is a list of Well-Known Protocol Access Descriptors each of which specifies a protocol number, a port number, and/or various flags specifying how IP management access is restricted.

众所周知的协议访问说明符是众所周知的协议访问说明符的列表,每个说明符指定协议号、端口号和/或指定如何限制IP管理访问的各种标志。

           A Well-Known Protocol Transport Access Specifier is
           represented by all rows of this table that have the
           same values of fcmInstanceIndex, t11FcSpPoFabricIndex,
           and t11FcSpPoWkpDescrSpecifierIndex."
    ::= { t11FcSpPoActive 8 }
        
           A Well-Known Protocol Transport Access Specifier is
           represented by all rows of this table that have the
           same values of fcmInstanceIndex, t11FcSpPoFabricIndex,
           and t11FcSpPoWkpDescrSpecifierIndex."
    ::= { t11FcSpPoActive 8 }
        

t11FcSpPoWkpDescrEntry OBJECT-TYPE SYNTAX T11FcSpPoWkpDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Well-Known Protocol Access Descriptor of a Well-Known Protocol Access Specifier used within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex."

T11FCSPOWKPDESCRENTRY对象类型语法T11FCSPOWKPDESCRENTRY MAX-ACCESS不可访问状态当前说明“每个条目都包含一个已知协议访问说明符的一个已知协议访问说明符的信息,该说明符在由T11FCSPoFabricindex标识的结构中使用,并在由fcmInstanceIndex标识的光纤通道管理实例中管理。”

    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoWkpDescrSpecifierIndex, t11FcSpPoWkpDescrIndex }
    ::= { t11FcSpPoWkpDescrTable 1 }
        
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoWkpDescrSpecifierIndex, t11FcSpPoWkpDescrIndex }
    ::= { t11FcSpPoWkpDescrTable 1 }
        
T11FcSpPoWkpDescrEntry ::= SEQUENCE {
    t11FcSpPoWkpDescrSpecifierIndex   Unsigned32,
    t11FcSpPoWkpDescrIndex            Unsigned32,
    t11FcSpPoWkpDescrFlags            BITS,
    t11FcSpPoWkpDescrWkpNumber        Unsigned32,
    t11FcSpPoWkpDescrDestPort         InetPortNumber
}
        
T11FcSpPoWkpDescrEntry ::= SEQUENCE {
    t11FcSpPoWkpDescrSpecifierIndex   Unsigned32,
    t11FcSpPoWkpDescrIndex            Unsigned32,
    t11FcSpPoWkpDescrFlags            BITS,
    t11FcSpPoWkpDescrWkpNumber        Unsigned32,
    t11FcSpPoWkpDescrDestPort         InetPortNumber
}
        
t11FcSpPoWkpDescrSpecifierIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Well-Known Protocol Access Specifier within a Fabric."
    ::= { t11FcSpPoWkpDescrEntry 1 }
        
t11FcSpPoWkpDescrSpecifierIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Well-Known Protocol Access Specifier within a Fabric."
    ::= { t11FcSpPoWkpDescrEntry 1 }
        
t11FcSpPoWkpDescrIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Well-Known Protocol Access Descriptor within a Well-Known
           Protocol Access Specifier."
    ::= { t11FcSpPoWkpDescrEntry 2 }
        
t11FcSpPoWkpDescrIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Well-Known Protocol Access Descriptor within a Well-Known
           Protocol Access Specifier."
    ::= { t11FcSpPoWkpDescrEntry 2 }
        
t11FcSpPoWkpDescrFlags OBJECT-TYPE
    SYNTAX       BITS {
                     allow(0),
                     wkpWildcard(1),
                     destPortWildcard(2),
                     readOnly(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The flag bits that specify how access is to be limited by
           this Well-Known Protocol Access Descriptor:
        
t11FcSpPoWkpDescrFlags OBJECT-TYPE
    SYNTAX       BITS {
                     allow(0),
                     wkpWildcard(1),
                     destPortWildcard(2),
                     readOnly(3)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The flag bits that specify how access is to be limited by
           this Well-Known Protocol Access Descriptor:
        

- allow -- IP management access using this protocol/port is allowed if this bit is set, and to be denied if this bit is not set.

- allow——如果设置了此位,则允许使用此协议/端口的IP管理访问,如果未设置此位,则拒绝访问。

- wkpWildcard -- if this bit is set, the IP Protocol number of the Well-Known Protocol to be allowed/denied is specified by the value of t11FcSpPoWkpDescrWkpNumber.

- wkpWildcard——如果设置了此位,则允许/拒绝的已知协议的IP协议号由T11FCSPOWKPDESCRWKPNUMBER的值指定。

- destPortWildcard -- if this bit is set, the Destination (TCP/UDP) Port number of the Well-Known Protocol to be allowed/denied is specified by the value of t11FcSpPoWkpDescrDestPort.

- destPortWildcard——如果设置了此位,则允许/拒绝的已知协议的目标(TCP/UDP)端口号由T11FCSPOWKPDESCRDESTPORT的值指定。

            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131."
    ::= { t11FcSpPoWkpDescrEntry 3 }
        
            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131."
    ::= { t11FcSpPoWkpDescrEntry 3 }
        
t11FcSpPoWkpDescrWkpNumber OBJECT-TYPE
    SYNTAX       Unsigned32 (0..255)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the 'wkpWildcard' bit is set in the corresponding
           instance of t11FcSpPoWkpDescrFlags, this object specifies
           the IP protocol number of the Well-Known Protocol."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/protocol-numbers."
    ::= { t11FcSpPoWkpDescrEntry 4 }
        
t11FcSpPoWkpDescrWkpNumber OBJECT-TYPE
    SYNTAX       Unsigned32 (0..255)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the 'wkpWildcard' bit is set in the corresponding
           instance of t11FcSpPoWkpDescrFlags, this object specifies
           the IP protocol number of the Well-Known Protocol."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/protocol-numbers."
    ::= { t11FcSpPoWkpDescrEntry 4 }
        
t11FcSpPoWkpDescrDestPort OBJECT-TYPE
    SYNTAX       InetPortNumber
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the 'destPortWildcard' bit is set in the corresponding
           instance of t11FcSpPoWkpDescrFlags, this object specifies
           the Destination (TCP/UDP) Port number of the Well-Known
           Protocol.  When the 'destPortWildcard' bit is reset, this
           object is ignored (and can have the value zero)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/port-numbers."
    ::= { t11FcSpPoWkpDescrEntry 5 }
        
t11FcSpPoWkpDescrDestPort OBJECT-TYPE
    SYNTAX       InetPortNumber
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the 'destPortWildcard' bit is set in the corresponding
           instance of t11FcSpPoWkpDescrFlags, this object specifies
           the Destination (TCP/UDP) Port number of the Well-Known
           Protocol.  When the 'destPortWildcard' bit is reset, this
           object is ignored (and can have the value zero)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/port-numbers."
    ::= { t11FcSpPoWkpDescrEntry 5 }
        

-- -- Attribute Entries in Active Attribute Policy Objects --

----活动属性策略对象中的属性项--

t11FcSpPoAttribTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of the Attribute Policy Objects being used within active Policy Objects. In the FC-SP Policy Database, each Attribute Policy Object consists of an Attribute Object Name and a set of Attribute Entries.

T11FCSPoAttribTable对象类型T11FCSPoAttribEntry MAX-ACCESS的语法序列不可访问状态当前描述“活动策略对象中使用的属性策略对象的表。在FC-SP策略数据库中,每个属性策略对象由一个属性对象名和一组属性项组成。

           An active Attribute Policy Object is represented by all the
           Attribute Entries in this table that have the same value
           of t11FcSpPoAttribName."
    ::= { t11FcSpPoActive 9 }
        
           An active Attribute Policy Object is represented by all the
           Attribute Entries in this table that have the same value
           of t11FcSpPoAttribName."
    ::= { t11FcSpPoActive 9 }
        

t11FcSpPoAttribEntry OBJECT-TYPE SYNTAX T11FcSpPoAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each row contains information specific to an Attribute Entry contained within an Attribute Policy Object that is active within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPoAttribEntry对象类型语法T11FCSPoAttribEntry MAX-ACCESS不可访问状态当前说明“每一行都包含特定于属性策略对象中包含的属性项的信息,该属性策略对象在由T11FCSPoFabriCindex标识的结构中处于活动状态,并在由fcmInstanceIndex标识的光纤通道管理实例中进行管理。

For some types of Attribute Policy Objects, it is valuable to break out some semantically significant parts of the Policy Object's value into their own individual MIB objects; for example, to extract the one or more individual Authentication Protocol Identifiers and associated Authentication Protocol Parameters out of an Attribute Object containing a 'AUTH_Negotiate Message Payload'. For such types, another MIB table is defined to hold the extracted values in MIB objects specific to the Attribute Policy Object's type. In such cases, the t11FcSpPoAttribExtension object in this table points to the other MIB table.

对于某些类型的属性策略对象,将策略对象值的一些语义上重要的部分分解为各自的MIB对象是很有价值的;例如,从包含“AUTH_协商消息负载”的属性对象中提取一个或多个单独的身份验证协议标识符和关联的身份验证协议参数。对于此类类型,定义了另一个MIB表以保存特定于属性策略对象类型的MIB对象中提取的值。在这种情况下,此表中的T11FCSPOAttribExtension对象指向另一个MIB表。

If the value of one Attribute Entry is too large (more than 256 bytes) to be contained within the value of one instance of t11FcSpPoAttribValue, then one row in this table contains the first 256 bytes, and one (or more) other row(s) in this table contain the rest of the value."

如果一个属性项的值太大(超过256字节),无法包含在T11FCSPOAttribValue的一个实例的值中,则此表中的一行包含前256个字节,而此表中的一行(或多行)包含其余值。”

    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoAttribName, t11FcSpPoAttribEntryIndex,
             t11FcSpPoAttribPartIndex }
    ::= { t11FcSpPoAttribTable 1 }
        
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoAttribName, t11FcSpPoAttribEntryIndex,
             t11FcSpPoAttribPartIndex }
    ::= { t11FcSpPoAttribTable 1 }
        
T11FcSpPoAttribEntry ::= SEQUENCE {
    t11FcSpPoAttribName         T11FcSpAlphaNumName,
    t11FcSpPoAttribEntryIndex   Unsigned32,
    t11FcSpPoAttribPartIndex    Unsigned32,
    t11FcSpPoAttribType         Unsigned32,
    t11FcSpPoAttribValue        OCTET STRING,
    t11FcSpPoAttribExtension    OBJECT IDENTIFIER
}
        
T11FcSpPoAttribEntry ::= SEQUENCE {
    t11FcSpPoAttribName         T11FcSpAlphaNumName,
    t11FcSpPoAttribEntryIndex   Unsigned32,
    t11FcSpPoAttribPartIndex    Unsigned32,
    t11FcSpPoAttribType         Unsigned32,
    t11FcSpPoAttribValue        OCTET STRING,
    t11FcSpPoAttribExtension    OBJECT IDENTIFIER
}
        
t11FcSpPoAttribName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the Attribute Policy Object containing one
           or more Attribute Entries."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1 and table 133."
    ::= { t11FcSpPoAttribEntry 1 }
        
t11FcSpPoAttribName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the Attribute Policy Object containing one
           or more Attribute Entries."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1 and table 133."
    ::= { t11FcSpPoAttribEntry 1 }
        
t11FcSpPoAttribEntryIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique value to distinguish this Attribute Entry
           from other Attribute Entries contained in the same
           Attribute Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 133/134."
    ::= { t11FcSpPoAttribEntry 2 }
        
t11FcSpPoAttribEntryIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique value to distinguish this Attribute Entry
           from other Attribute Entries contained in the same
           Attribute Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 133/134."
    ::= { t11FcSpPoAttribEntry 2 }
        

t11FcSpPoAttribPartIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "When the value of an Attribute Entry is shorter than 257 bytes, the whole value is contained in one instance of

T11FCSPOAttribPartIndex对象类型语法Unsigned32(1..4294967295)MAX-ACCESS not accessible STATUS current DESCRIPTION“当属性项的值小于257字节时,整个值包含在

t11FcSpPoAttribValue, and the value of this object is 1.

T11FCSPOAttribValue,此对象的值为1。

           If the value of an Attribute Entry is longer than 256 bytes,
           then that value is divided up on 256-byte boundaries such
           that all parts are 256 bytes long except the last part, which
           is shorter if necessary, with each such part contained in
           a separate row of this table, and the value of this object
           is set to the part number.  That is, this object has the
           value of 1 for bytes 0-255, the value of 2 for bytes
           256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 134/135."
    ::= { t11FcSpPoAttribEntry 3 }
        
           If the value of an Attribute Entry is longer than 256 bytes,
           then that value is divided up on 256-byte boundaries such
           that all parts are 256 bytes long except the last part, which
           is shorter if necessary, with each such part contained in
           a separate row of this table, and the value of this object
           is set to the part number.  That is, this object has the
           value of 1 for bytes 0-255, the value of 2 for bytes
           256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 134/135."
    ::= { t11FcSpPoAttribEntry 3 }
        

t11FcSpPoAttribType OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "The type of attribute. The first type to be defined is:

T11FCSPOAttribType对象类型语法Unsigned32(1..4294967295)MAX-ACCESS只读状态当前描述“属性的类型。要定义的第一个类型是:

           t11FcSpPoAttribType    t11FcSpPoAttribValue
           ===================    ====================
             '00000001'h          The AUTH_Negotiate Message Payload
           "
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoAttribEntry 4 }
        
           t11FcSpPoAttribType    t11FcSpPoAttribValue
           ===================    ====================
             '00000001'h          The AUTH_Negotiate Message Payload
           "
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoAttribEntry 4 }
        

t11FcSpPoAttribValue OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..256)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of an Attribute Entry is divided up on 256-byte boundaries such that all parts are 256 bytes long except the last part, which is shorter if necessary, and each such part is contained in a separate instance of this object.

T11FCSPOAttribValue对象类型语法八位字符串(大小(0..256))MAX-ACCESS只读状态当前描述“属性项的值按256字节边界划分,除最后一部分外,所有部分的长度均为256字节,如有必要,最后一部分较短,并且每个这样的部分都包含在此对象的单独实例中。

The value of this object is independent of whether some parts of its value are broken out into separate MIB objects pointed to by the corresponding instance of t11FcSpPoAttribExtension." REFERENCE

此对象的值独立于其值的某些部分是否被分解为T11FCSPOAttribExtension的相应实例所指向的单独MIB对象。“参考

           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoAttribEntry 5 }
        
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoAttribEntry 5 }
        

t11FcSpPoAttribExtension OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "For some types of Attribute Policy Object, the value of this MIB object points to type-specific MIB objects that contain individual/broken-out parts of the Attribute Policy Object's value. If this object doesn't point to such type-specific MIB objects, then it contains the value: zeroDotZero.

T11FCSPOAttribExtension对象类型语法对象标识符MAX-ACCESS只读状态当前说明对于某些类型的属性策略对象,此MIB对象的值指向特定于类型的MIB对象,这些MIB对象包含属性策略对象值的各个/分解部分。如果此对象不指向此类特定于类型的MIB对象,则它包含值:zeroDotZero。

           In particular, when the value of t11FcSpPoAttribType
           indicates 'AUTH_Negotiate Message Payload', one or more
           Authentication Protocol Identifiers and their associated
           Authentication Protocol Parameters are embedded within the
           value of the corresponding instance of t11FcSpPoAttribValue;
           MIB objects to contain these individual values are defined
           in the t11FcSpPoAuthProtTable.  Thus, for an 'AUTH_Negotiate
           Message Payload' Attribute, the value of this object
           contains an OID within the t11FcSpPoAuthProtTable, e.g.,
           of the whole table, of an individual row, or of an individual
           instance within the table."
    ::= { t11FcSpPoAttribEntry 6 }
        
           In particular, when the value of t11FcSpPoAttribType
           indicates 'AUTH_Negotiate Message Payload', one or more
           Authentication Protocol Identifiers and their associated
           Authentication Protocol Parameters are embedded within the
           value of the corresponding instance of t11FcSpPoAttribValue;
           MIB objects to contain these individual values are defined
           in the t11FcSpPoAuthProtTable.  Thus, for an 'AUTH_Negotiate
           Message Payload' Attribute, the value of this object
           contains an OID within the t11FcSpPoAuthProtTable, e.g.,
           of the whole table, of an individual row, or of an individual
           instance within the table."
    ::= { t11FcSpPoAttribEntry 6 }
        

-- -- Auth. Protocol Parameters in Active Attribute Policy Objects --

----啊。活动属性策略对象中的协议参数--

t11FcSpPoAuthProtTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoAuthProtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Authentication Protocol Identifier and Authentication Protocol Parameters that are embedded in Attribute Policy Objects being used within active Policy Objects.

T11FCSPOAuthProtTable对象类型T11FCSPOAuthProtEntry MAX-ACCESS的语法序列不可访问状态当前描述“嵌入在活动策略对象中使用的属性策略对象中的身份验证协议标识符和身份验证协议参数表。

This table is used for Attribute Entries of Attribute Policy Objects for which the value of t11FcSpPoAttribType indicates 'AUTH_Negotiate Message Payload' and the value of t11FcSpPoAttribExtension contains the OID of this table."

此表用于属性策略对象的属性项,对于这些对象,T11FCSPoAttribType的值表示“AUTH_协商消息负载”,T11FCSPoAttribExtension的值包含此表的OID。”

    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              sections 5.3.2 & 7.1.8.1, tables 134/135 and tables
              10/11."
    ::= { t11FcSpPoActive 10 }
        
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              sections 5.3.2 & 7.1.8.1, tables 134/135 and tables
              10/11."
    ::= { t11FcSpPoActive 10 }
        

t11FcSpPoAuthProtEntry OBJECT-TYPE SYNTAX T11FcSpPoAuthProtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about an Authentication Protocol that is extracted out of the Attribute Entry (identified by t11FcSpPoAttribEntryIndex) of the Policy Attribute Object (identified by t11FcSpPoAttribName), which is active within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPOAuthProtentry对象类型语法T11FCSPOAuthProtentry MAX-ACCESS不可访问状态当前描述“每个条目都包含有关从策略属性对象(由T11FCSPOAttribName标识)的属性条目(由T11FCSPOAttribEntryIndex标识)中提取的身份验证协议的信息”,它在由T11FCSPoFabriCindex标识的结构中处于活动状态,并在由fcmInstanceIndex标识的光纤通道管理实例中进行管理。

           If the value of one Attribute Protocol Parameters string is
           too large (more than 256 bytes) to be contained within the
           value of one instance of t11FcSpPoAuthProtParams, then one
           row in this table contains the first 256 bytes, and one (or
           more) other row(s) in this table contain the rest of the
           value."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoAttribName, t11FcSpPoAttribEntryIndex,
             t11FcSpPoAuthProtIdentifier,
             t11FcSpPoAuthProtPartIndex }
    ::= { t11FcSpPoAuthProtTable 1 }
        
           If the value of one Attribute Protocol Parameters string is
           too large (more than 256 bytes) to be contained within the
           value of one instance of t11FcSpPoAuthProtParams, then one
           row in this table contains the first 256 bytes, and one (or
           more) other row(s) in this table contain the rest of the
           value."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoAttribName, t11FcSpPoAttribEntryIndex,
             t11FcSpPoAuthProtIdentifier,
             t11FcSpPoAuthProtPartIndex }
    ::= { t11FcSpPoAuthProtTable 1 }
        
T11FcSpPoAuthProtEntry ::= SEQUENCE {
    t11FcSpPoAuthProtIdentifier   Unsigned32,
    t11FcSpPoAuthProtPartIndex    Unsigned32,
    t11FcSpPoAuthProtParams       OCTET STRING
}
        
T11FcSpPoAuthProtEntry ::= SEQUENCE {
    t11FcSpPoAuthProtIdentifier   Unsigned32,
    t11FcSpPoAuthProtPartIndex    Unsigned32,
    t11FcSpPoAuthProtParams       OCTET STRING
}
        

t11FcSpPoAuthProtIdentifier OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Authentication Protocol Identifier:

T11FCSPOAuthProtIdentifier对象类型语法Unsigned32(0..4294967295)MAX-ACCESS不可访问状态当前描述“身份验证协议标识符:

1 = DH-CHAP 2 = FCAP 3 = FCPAP

1=DH-CHAP 2=FCAP 3=FCPAP

4 = IKEv2 5 = IKEv2-AUTH 240 thru 255 = Vendor Specific Protocols

4=IKEv2 5=IKEv2认证240至255=供应商特定协议

            all other values are 'Reserved' (by T11)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 11."
    ::= { t11FcSpPoAuthProtEntry 1 }
        
            all other values are 'Reserved' (by T11)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 11."
    ::= { t11FcSpPoAuthProtEntry 1 }
        

t11FcSpPoAuthProtPartIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "When the value of an Attribute Protocol Parameters string is shorter than 257 bytes, the whole value is contained in one instance of t11FcSpPoAuthProtParams, and the value of this object is 1. (This includes the case when the Attribute Protocol Parameters string is zero bytes in length.)

T11FCSPOAuthProtPartIndex对象类型语法Unsigned32(1..4294967295)MAX-ACCESS不可访问状态当前描述“当属性协议参数字符串的值小于257字节时,整个值包含在T11FCSPOAuthProtParams的一个实例中,此对象的值为1。(这包括属性协议参数字符串长度为零字节的情况。)

           If the value of an Authentication Protocol Parameters string
           is longer than 256 bytes, then that value is divided up on
           256-byte boundaries such that all parts are 256 bytes long
           except the last part, which is shorter if necessary, with
           each such part contained in a separate row of this table,
           and the value of this object is set to the part number.
           That is, this object has the value of 1 for bytes 0-255,
           the value of 2 for bytes 256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoAuthProtEntry 2 }
        
           If the value of an Authentication Protocol Parameters string
           is longer than 256 bytes, then that value is divided up on
           256-byte boundaries such that all parts are 256 bytes long
           except the last part, which is shorter if necessary, with
           each such part contained in a separate row of this table,
           and the value of this object is set to the part number.
           That is, this object has the value of 1 for bytes 0-255,
           the value of 2 for bytes 256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoAuthProtEntry 2 }
        

t11FcSpPoAuthProtParams OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..256)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of an Authentication Protocol Parameters string is divided up on 256-byte boundaries such that all parts are 256 bytes long except the last part, which is shorter if necessary, and each such part is contained in a separate instance of this object." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D,

T11FCSPOAuthProtParams对象类型语法八位字节字符串(大小(0..256))最大访问只读状态当前说明“身份验证协议参数字符串的值在256字节的边界上进行划分,以便除最后一部分(如有必要则更短)外,所有部分的长度均为256字节,并且每个部分都包含在此对象的单独实例中。”参考“-ANSI INCITS 426-2007,T11/Project 1570-D,

              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoAuthProtEntry 3 }
        
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoAuthProtEntry 3 }
        

-- -- Part 2 - Activate/De-Activate Operations --

----第2部分-激活/去激活操作--

-- -- Objects to Invoke Activate/De-Activate Operations --

----要调用激活/取消激活操作的对象--

t11FcSpPoOperTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoOperEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table that allows Activate and Deactivate operations to be invoked for FC-SP Policies on various Fabrics.

T11FCSPOOPERNTRY MAX-ACCESS不可访问状态当前描述的T11FCSPOOPERTABLE对象类型语法序列“允许为各种结构上的FC-SP策略调用激活和停用操作的表。

Activating a new policy configuration is a two-step process:

激活新策略配置需要两个步骤:

1) create a single Policy Summary Object as a set of rows in the t11FcSpPoNaSummaryTable specifying a set of Policy Objects that describe the new configuration; and 2) activate that Policy Summary Object using the t11FcSpPoOperActivate object defined in this table.

1) 在t11fcsponasummaryTable中创建一个策略摘要对象作为一组行,指定一组描述新配置的策略对象;和2)使用此表中定义的T11FCSPOOPERACTIVE对象激活该策略摘要对象。

           Deactivating the current policy configuration is a one-step
           process: the current Policy Summary Object is deactivated
           using the t11FcSpPoOperDeActivate object."
    ::= { t11FcSpPoOperations 1 }
        
           Deactivating the current policy configuration is a one-step
           process: the current Policy Summary Object is deactivated
           using the t11FcSpPoOperDeActivate object."
    ::= { t11FcSpPoOperations 1 }
        
t11FcSpPoOperEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoOperEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry allows an Activate and/or Deactivate operation
           to be invoked on a particular Fabric, which is managed as
           part of the Fibre Channel management instance identified
           by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoOperTable 1 }
        
t11FcSpPoOperEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoOperEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry allows an Activate and/or Deactivate operation
           to be invoked on a particular Fabric, which is managed as
           part of the Fibre Channel management instance identified
           by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoOperTable 1 }
        
T11FcSpPoOperEntry ::= SEQUENCE {
    t11FcSpPoOperActivate     T11FcSpAlphaNumName,
        
T11FcSpPoOperEntry ::= SEQUENCE {
    t11FcSpPoOperActivate     T11FcSpAlphaNumName,
        

t11FcSpPoOperDeActivate T11FcSpAlphaNumName, t11FcSpPoOperResult INTEGER, t11FcSpPoOperFailCause SnmpAdminString }

T11FCSPOOPER停用T11FcSpAlphaNumName,T11FCSPOOPERRESULT整数,T11FCSPOOPERFAILCAuse snmpadmin}

t11FcSpPoOperActivate OBJECT-TYPE SYNTAX T11FcSpAlphaNumName MAX-ACCESS read-write STATUS current DESCRIPTION "Writing the name of a Policy Summary Object into this object is a request to activate the policy configuration described by the combination of all rows in t11FcSpPoNaSummaryTable that have that name as their value of t11FcSpPoNaSummaryName and are for the same Fabric.

T11FCSPOOPERACTIVE对象类型语法T11FcSpAlphaNumName MAX-ACCESS读写状态当前说明“将策略摘要对象的名称写入此对象是一个激活策略配置的请求,该策略配置由T11FCSPONASUMARYTABLE中所有行的组合所描述,这些行的值为T11FCSPONASUMARYNAME,并且用于同一结构。

Before issuing such a request, the relevant rows in the t11FcSpPoNaSummaryTable must exist and represent a complete and consistent Policy Summary Object. If they do not, the request will fail, with t11FcSpPoOperResult having the 'badSummaryObject' value.

在发出这样的请求之前,T11FCSPONASUMARYTABLE中的相关行必须存在,并且表示一个完整且一致的策略摘要对象。否则,请求将失败,T11FCSPOOPERRESULT具有“badSummaryObject”值。

When read, the value of this object is always the zero-length string.

读取时,此对象的值始终为零长度字符串。

           Writing to this object does not delete (or in any way
           affect) any rows in the MIB tables for non-active
           Policy Objects."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2"
    ::= { t11FcSpPoOperEntry 1 }
        
           Writing to this object does not delete (or in any way
           affect) any rows in the MIB tables for non-active
           Policy Objects."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2"
    ::= { t11FcSpPoOperEntry 1 }
        

t11FcSpPoOperDeActivate OBJECT-TYPE SYNTAX T11FcSpAlphaNumName MAX-ACCESS read-write STATUS current DESCRIPTION "Writing the current value of t11FcSpPoPolicySummaryObjName into this object (for a particular Fabric) is a request to deactivate that Fabric's current policy configuration. Writing any other value into this object is an error (e.g., 'wrongValue').

T11FCSPOOPERDeactivate对象类型语法T11FcSpAlphaNumName MAX-ACCESS读写状态当前描述“将T11FCSPolicySummaryObjName的当前值写入此对象(对于特定结构)是一个停用该结构的当前策略配置的请求。将任何其他值写入此对象是一个错误(例如,“错误值”)。

When read, the value of this object is always the zero-length string."

读取时,此对象的值始终为零长度字符串。“

    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.3"
    ::= { t11FcSpPoOperEntry 2 }
        
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.3"
    ::= { t11FcSpPoOperEntry 2 }
        
t11FcSpPoOperResult OBJECT-TYPE
    SYNTAX       INTEGER {
                     activateSuccess(1),
                     badSummaryObject(2),
                     activateFailure(3),
                     deactivateSuccess(4),
                     deactivateFailure(5),
                     inProgress(6),
                     none(7)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates the status/result of the last
           activation/deactivation that was invoked via the
           corresponding instance of t11FcSpPoOperActivate or
           t11FcSpPoOperDeActivate.
        
t11FcSpPoOperResult OBJECT-TYPE
    SYNTAX       INTEGER {
                     activateSuccess(1),
                     badSummaryObject(2),
                     activateFailure(3),
                     deactivateSuccess(4),
                     deactivateFailure(5),
                     inProgress(6),
                     none(7)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates the status/result of the last
           activation/deactivation that was invoked via the
           corresponding instance of t11FcSpPoOperActivate or
           t11FcSpPoOperDeActivate.
        

When the value of this object is 'inProgress', the values of the corresponding instances of t11FcSpPoOperActivate and t11FcSpPoOperDeActivate cannot be modified.

当此对象的值为“inProgress”时,无法修改T11FCSPOOPERACTIVE和T11FCSPOOPERDEACTIVE的相应实例的值。

The value 'badSummaryObject' indicates an activation request that did not name a complete and consistent Policy Summary Object.

值“badSummaryObject”表示未命名完整且一致的策略摘要对象的激活请求。

           The value 'none' indicates activation/deactivation
           has not been attempted since the last restart of
           the management system."
    ::= { t11FcSpPoOperEntry 3 }
        
           The value 'none' indicates activation/deactivation
           has not been attempted since the last restart of
           the management system."
    ::= { t11FcSpPoOperEntry 3 }
        

t11FcSpPoOperFailCause OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "A textual message indicating the reason for the most recent activation/deactivation failure, or the zero-length string if no information is available (e.g., because the corresponding instance of t11FcSpPoOperResult has the value 'none').

T11FCSPOOPERFAILCAUSE对象类型语法SnmpAdminString(大小(0..64))MAX-ACCESS只读状态当前描述“指示最近激活/停用失败原因的文本消息,如果没有可用信息,则为零长度字符串(例如,因为t11fcspooperresult的对应实例的值为“none”)。

           When the corresponding instance of
           t11FcSpPoOperResult is either 'activateFailure'
           or 'deactivateFailure', the value of this object
           indicates the reason for that failure."
    ::= { t11FcSpPoOperEntry 4 }
        
           When the corresponding instance of
           t11FcSpPoOperResult is either 'activateFailure'
           or 'deactivateFailure', the value of this object
           indicates the reason for that failure."
    ::= { t11FcSpPoOperEntry 4 }
        

-- -- Part 3 - Non-Active Policy Objects --

----第3部分-非活动策略对象--

-- -- Non-Active Policy Summary Objects Available for Activation --

----可用于激活的非活动策略摘要对象--

t11FcSpPoNaSummaryTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaSummaryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of non-active Policy Summary Objects available to be activated.

T11FCSPONASUMARYTABLE对象类型T11FCSPONASUMARYENTRY MAX-ACCESS的语法序列不可访问状态当前描述“可激活的非活动策略摘要对象表。

The functionality of this table deviates slightly from FC-SP in that FC-SP specifies that the only Policy Summary Object is the Active one, i.e., FC-SP does not store non-active Policy Summary Objects in the Policy Database. Instead, FC-SP requires a new Policy Summary Object to be created for, and embedded within, every Activate (APS) request. Thus, the newly created Policy Summary Object outlasts the APS request only as the new active Policy Summary Object and only if the APS succeeds. In contrast, the Activate operation provided by this MIB module consists of two steps:

此表的功能与FC-SP略有不同,因为FC-SP指定唯一的策略摘要对象为活动对象,即FC-SP不在策略数据库中存储非活动策略摘要对象。相反,FC-SP要求为每个激活(APS)请求创建并嵌入新的策略摘要对象。因此,新创建的策略摘要对象仅作为新的活动策略摘要对象且仅当APS成功时,才会使APS请求持续时间更长。相反,此MIB模块提供的激活操作由两个步骤组成:

1) create a non-active Policy Summary Object as a set of entries in this table describing a new configuration; 2) activate a Policy Summary Object (stored as a set of entries in this table) using t11FcSpPoOperActivate.

1) 创建一个非活动策略摘要对象,作为此表中描述新配置的一组条目;2) 使用T11FCSPOOPERACTIVE激活策略摘要对象(在此表中存储为一组条目)。

           These two steps are only loosely connected, i.e., the result
           of the first operation is a non-active Policy Summary Object
           that is retained (in this table) even if it isn't
           immediately activated.  Even after an attempt to activate
           it succeeds or fails, a non-active Policy Summary Object
           is not deleted, but is retained and still available for
           subsequent modification/re-use."
    ::= { t11FcSpPoNonActive 1 }
        
           These two steps are only loosely connected, i.e., the result
           of the first operation is a non-active Policy Summary Object
           that is retained (in this table) even if it isn't
           immediately activated.  Even after an attempt to activate
           it succeeds or fails, a non-active Policy Summary Object
           is not deleted, but is retained and still available for
           subsequent modification/re-use."
    ::= { t11FcSpPoNonActive 1 }
        

t11FcSpPoNaSummaryEntry OBJECT-TYPE

T11FCSPONASUMARYENTRY对象类型

SYNTAX T11FcSpPoNaSummaryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one non-active Policy Object within a non-active Policy Summary Object defined for potential use on the Fabric identified by t11FcSpPoFabricIndex, and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

语法T11FCSPONASUMARYENTRY MAX-ACCESS不可访问状态当前说明“每个条目都包含有关非活动策略摘要对象中的一个非活动策略对象的信息,该非活动策略摘要对象是为T11FCSPoFabricindex标识的结构上的潜在使用而定义的,并在FCMINSTANCINDEX标识的光纤通道管理实例中进行管理。

A non-active Policy Summary Object is described by a set of entries in this table that have the same value of t11FcSpPoNaSummaryName.

非活动策略摘要对象由此表中具有相同值T11FCSPONASUMARYNAME的一组条目描述。

As and when a Policy Summary Object is activated using the t11FcSpPoOperActivate object, if the activation is successful, existing rows (if any) in MIB tables for active Policy Objects are deleted and replaced by the appropriate new set of rows. Existing rows in this table and/or in other tables for non-active Policy Objects are not affected by the activate operation.

当使用T11FCSPOOPERACTIVE对象激活策略摘要对象时,如果激活成功,MIB表中用于活动策略对象的现有行(如果有)将被删除并替换为相应的新行集。此表和/或其他表中非活动策略对象的现有行不受激活操作的影响。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3 and table 104."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSummaryName, t11FcSpPoNaSummaryPolicyType,
             t11FcSpPoNaSummaryPolicyIndex }
    ::= { t11FcSpPoNaSummaryTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3 and table 104."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSummaryName, t11FcSpPoNaSummaryPolicyType,
             t11FcSpPoNaSummaryPolicyIndex }
    ::= { t11FcSpPoNaSummaryTable 1 }
        
T11FcSpPoNaSummaryEntry ::= SEQUENCE {
    t11FcSpPoNaSummaryName            T11FcSpAlphaNumName,
    t11FcSpPoNaSummaryPolicyType      T11FcSpPolicyObjectType,
    t11FcSpPoNaSummaryPolicyIndex     Unsigned32,
    t11FcSpPoNaSummaryPolicyNameType  T11FcSpPolicyNameType,
    t11FcSpPoNaSummaryPolicyName      T11FcSpPolicyName,
    t11FcSpPoNaSummaryHashStatus      T11FcSpHashCalculationStatus,
    t11FcSpPoNaSummaryHashFormat      T11FcSpPolicyHashFormat,
    t11FcSpPoNaSummaryHashValue       T11FcSpPolicyHashValue,
    t11FcSpPoNaSummaryRowStatus       RowStatus
}
        
T11FcSpPoNaSummaryEntry ::= SEQUENCE {
    t11FcSpPoNaSummaryName            T11FcSpAlphaNumName,
    t11FcSpPoNaSummaryPolicyType      T11FcSpPolicyObjectType,
    t11FcSpPoNaSummaryPolicyIndex     Unsigned32,
    t11FcSpPoNaSummaryPolicyNameType  T11FcSpPolicyNameType,
    t11FcSpPoNaSummaryPolicyName      T11FcSpPolicyName,
    t11FcSpPoNaSummaryHashStatus      T11FcSpHashCalculationStatus,
    t11FcSpPoNaSummaryHashFormat      T11FcSpPolicyHashFormat,
    t11FcSpPoNaSummaryHashValue       T11FcSpPolicyHashValue,
    t11FcSpPoNaSummaryRowStatus       RowStatus
}
        

t11FcSpPoNaSummaryName OBJECT-TYPE SYNTAX T11FcSpAlphaNumName

T11FCSPONASUMARYNAME对象类型语法T11FcSpAlphaNumName

    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the non-active Policy Summary Object that
           contains this Policy Object."
    ::= { t11FcSpPoNaSummaryEntry 1 }
        
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the non-active Policy Summary Object that
           contains this Policy Object."
    ::= { t11FcSpPoNaSummaryEntry 1 }
        
t11FcSpPoNaSummaryPolicyType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyObjectType
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The 'Identifier' (i.e., the type) of this Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3.1 and table 104."
    ::= { t11FcSpPoNaSummaryEntry 2 }
        
t11FcSpPoNaSummaryPolicyType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyObjectType
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The 'Identifier' (i.e., the type) of this Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.3.1 and table 104."
    ::= { t11FcSpPoNaSummaryEntry 2 }
        
t11FcSpPoNaSummaryPolicyIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique integer value to distinguish this Policy Object
           from any others that have the same type and that are
           contained in the same Policy Summary Object."
    ::= { t11FcSpPoNaSummaryEntry 3 }
        
t11FcSpPoNaSummaryPolicyIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique integer value to distinguish this Policy Object
           from any others that have the same type and that are
           contained in the same Policy Summary Object."
    ::= { t11FcSpPoNaSummaryEntry 3 }
        
t11FcSpPoNaSummaryPolicyNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     alphaNumericName(7)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoNaSummaryPolicyNameType and
           t11FcSpPoNaSummaryPolicyName specify the name of the
           non-active Policy Object identified by this row.
        
t11FcSpPoNaSummaryPolicyNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     alphaNumericName(7)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoNaSummaryPolicyNameType and
           t11FcSpPoNaSummaryPolicyName specify the name of the
           non-active Policy Object identified by this row.
        
           The type of name must be 'nodeName' if the value of the
           corresponding instance of t11FcSpPoNaSummaryPolicyType is
           'switchConnectivity', or 'alphaNumericName' otherwise."
    ::= { t11FcSpPoNaSummaryEntry 4 }
        
           The type of name must be 'nodeName' if the value of the
           corresponding instance of t11FcSpPoNaSummaryPolicyType is
           'switchConnectivity', or 'alphaNumericName' otherwise."
    ::= { t11FcSpPoNaSummaryEntry 4 }
        

t11FcSpPoNaSummaryPolicyName OBJECT-TYPE SYNTAX T11FcSpPolicyName

T11FCSPONASUMaryPolicyName对象类型语法T11FCSPONASUMaryPolicyName

    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoNaSummaryPolicyNameType and
           t11FcSpPoNaSummaryPolicyName specify the name of the
           non-active Policy Object identified by this row."
    ::= { t11FcSpPoNaSummaryEntry 5 }
        
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The combination of t11FcSpPoNaSummaryPolicyNameType and
           t11FcSpPoNaSummaryPolicyName specify the name of the
           non-active Policy Object identified by this row."
    ::= { t11FcSpPoNaSummaryEntry 5 }
        

t11FcSpPoNaSummaryHashStatus OBJECT-TYPE SYNTAX T11FcSpHashCalculationStatus MAX-ACCESS read-create STATUS current DESCRIPTION "When read, the value of this object is either:

T11FCSPONASUMmaryHashStatus对象类型语法T11FCSPONASUMmaryHashCalculationStatus MAX-ACCESS read create STATUS current DESCRIPTION“读取时,此对象的值为:

correct -- the corresponding instance of t11FcSpPoNaSummaryHashValue contains the correct value; or stale -- the corresponding instance of t11FcSpPoNaSummaryHashValue contains a stale (possibly incorrect) value;

correct——T11FCSPONAsummaryHashValue的对应实例包含正确的值;或stale——t11fcsponasummaryhashvalue的对应实例包含一个stale(可能不正确)值;

           Writing a value of 'calculate' is a request to re-calculate
           and update the value of the corresponding instance of
           t11FcSpPoNaSummaryHashValue.  Writing a value of 'correct'
          or 'stale' to this object is an error (e.g., 'wrongValue')."
    DEFVAL      { stale }
    ::= { t11FcSpPoNaSummaryEntry 6 }
        
           Writing a value of 'calculate' is a request to re-calculate
           and update the value of the corresponding instance of
           t11FcSpPoNaSummaryHashValue.  Writing a value of 'correct'
          or 'stale' to this object is an error (e.g., 'wrongValue')."
    DEFVAL      { stale }
    ::= { t11FcSpPoNaSummaryEntry 6 }
        
t11FcSpPoNaSummaryHashFormat OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format of this Policy Object's hash value as
           contained in the corresponding instance of the
           t11FcSpPoNaSummaryHashValue object."
    DEFVAL      { '00000001'h }
    ::= { t11FcSpPoNaSummaryEntry 7 }
        
t11FcSpPoNaSummaryHashFormat OBJECT-TYPE
    SYNTAX       T11FcSpPolicyHashFormat
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The format of this Policy Object's hash value as
           contained in the corresponding instance of the
           t11FcSpPoNaSummaryHashValue object."
    DEFVAL      { '00000001'h }
    ::= { t11FcSpPoNaSummaryEntry 7 }
        

t11FcSpPoNaSummaryHashValue OBJECT-TYPE SYNTAX T11FcSpPolicyHashValue MAX-ACCESS read-only STATUS current DESCRIPTION "The hash value of this Policy Object, in the format identified by the corresponding instance of the t11FcSpPoNaSummaryHashFormat object."

T11FCSPONASUMaryHashValue对象类型语法T11FCSPONASUMaryHashValue最大访问只读状态当前描述“此策略对象的哈希值,格式由T11FCSPONASUMaryHashFormat对象的相应实例标识。”

    DEFVAL      { "" }
    ::= { t11FcSpPoNaSummaryEntry 8 }
        
    DEFVAL      { "" }
    ::= { t11FcSpPoNaSummaryEntry 8 }
        

t11FcSpPoNaSummaryRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row.

T11FCSPONASUMARYROWSTATUS对象类型语法RowStatus MAX-ACCESS read create STATUS current DESCRIPTION“此行的状态。

Before a row in this table can have 'active' status, a non-Active Policy Object must already be represented in the table corresponding to the value of t11FcSpPoNaSummaryPolicyType with the name given by the combination of t11FcSpPoNaSummaryPolicyNameType and t11FcSpPoNaSummaryPolicyName. If such a Policy Object gets deleted from the relevant table, the row in this table must also get deleted.

在此表中的行可以具有“活动”状态之前,非活动策略对象必须已在对应于T11FCSPONASUMARYPOLICYTYPE值的表中表示,名称由T11FCSPONASUMARYPOLICYNAME TYPE和T11FCSPONASUMARYPOLICYNAME的组合给出。如果从相关表中删除了此类策略对象,则此表中的行也必须删除。

           When a row has 'active' status, the only write-able MIB
           objects in this table are t11FcSpPoNaSummaryHashStatus and
           t11FcSpPoNaSummaryRowStatus."
    ::= { t11FcSpPoNaSummaryEntry 9 }
        
           When a row has 'active' status, the only write-able MIB
           objects in this table are t11FcSpPoNaSummaryHashStatus and
           t11FcSpPoNaSummaryRowStatus."
    ::= { t11FcSpPoNaSummaryEntry 9 }
        

-- -- Non-Active Switch Membership List Objects --

----非活动交换机成员列表对象--

t11FcSpPoNaSwListTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoNaSwListEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of non-active Switch Membership List Objects."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 108."
    ::= { t11FcSpPoNonActive 2 }
        
t11FcSpPoNaSwListTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoNaSwListEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of non-active Switch Membership List Objects."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 108."
    ::= { t11FcSpPoNonActive 2 }
        

t11FcSpPoNaSwListEntry OBJECT-TYPE SYNTAX T11FcSpPoNaSwListEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one non-active Switch Membership List Object for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre

T11FCSPONASWLISENTRY对象类型语法T11FCSPONASWLISENTRY MAX-ACCESS不可访问状态当前描述“每个条目包含有关由T11FCSPOPOFFAbricindex标识并在光纤内管理的光纤网的一个非活动交换机成员资格列表对象的信息

Channel management instance identified by fcmInstanceIndex.

由fcmInstanceIndex标识的通道管理实例。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSwListName }
    ::= { t11FcSpPoNaSwListTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSwListName }
    ::= { t11FcSpPoNaSwListTable 1 }
        
T11FcSpPoNaSwListEntry ::= SEQUENCE {
    t11FcSpPoNaSwListName         T11FcSpAlphaNumName,
    t11FcSpPoNaSwListFabricName   FcNameIdOrZero,
    t11FcSpPoNaSwListRowStatus    RowStatus
}
        
T11FcSpPoNaSwListEntry ::= SEQUENCE {
    t11FcSpPoNaSwListName         T11FcSpAlphaNumName,
    t11FcSpPoNaSwListFabricName   FcNameIdOrZero,
    t11FcSpPoNaSwListRowStatus    RowStatus
}
        
t11FcSpPoNaSwListName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the Switch Membership List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 108."
    ::= { t11FcSpPoNaSwListEntry 1 }
        
t11FcSpPoNaSwListName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the Switch Membership List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 108."
    ::= { t11FcSpPoNaSwListEntry 1 }
        
t11FcSpPoNaSwListFabricName OBJECT-TYPE
    SYNTAX       FcNameIdOrZero
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The administratively specified Fabric_Name.  This value
           is meaningful only when static Domain_IDs are used in a
           Fabric.  If Static Domain_IDs are not used, the Fabric_Name
           is dynamically determined, in which case the value of this
           object can be '0000000000000000'h or the zero-length
           string."
    REFERENCE
           "- t11FamConfigDomainId, T11-FC-FABRIC-ADDR-MGR-MIB,
              Fibre Channel Fabric Address Manager MIB, RFC 4439;
            - ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, table 108."
    ::= { t11FcSpPoNaSwListEntry 2 }
        
t11FcSpPoNaSwListFabricName OBJECT-TYPE
    SYNTAX       FcNameIdOrZero
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The administratively specified Fabric_Name.  This value
           is meaningful only when static Domain_IDs are used in a
           Fabric.  If Static Domain_IDs are not used, the Fabric_Name
           is dynamically determined, in which case the value of this
           object can be '0000000000000000'h or the zero-length
           string."
    REFERENCE
           "- t11FamConfigDomainId, T11-FC-FABRIC-ADDR-MGR-MIB,
              Fibre Channel Fabric Address Manager MIB, RFC 4439;
            - ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, table 108."
    ::= { t11FcSpPoNaSwListEntry 2 }
        

t11FcSpPoNaSwListRowStatus OBJECT-TYPE

T11FCSPONASWLISTROWSTATUS对象类型

SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row. Values of object instances within the row can be modified at any time.

语法RowStatus MAX-ACCESS read create STATUS current DESCRIPTION“此行的状态。可以随时修改该行中对象实例的值。

           If a row in this table is deleted, any row in the
           t11FcSpPoNaSwMembTable for the same Switch Membership
           List Object will also get deleted."
    ::= { t11FcSpPoNaSwListEntry 3 }
        
           If a row in this table is deleted, any row in the
           t11FcSpPoNaSwMembTable for the same Switch Membership
           List Object will also get deleted."
    ::= { t11FcSpPoNaSwListEntry 3 }
        

-- -- Switch Entries in Non-Active Switch Membership List Objects --

----非活动交换机成员列表对象中的交换机条目--

t11FcSpPoNaSwMembTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoNaSwMembEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of Switch Entries in non-active Switch Membership
           List Objects."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNonActive 3 }
        
t11FcSpPoNaSwMembTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoNaSwMembEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of Switch Entries in non-active Switch Membership
           List Objects."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNonActive 3 }
        

t11FcSpPoNaSwMembEntry OBJECT-TYPE SYNTAX T11FcSpPoNaSwMembEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Switch that is listed in a Switch Entry of a non-active Switch Membership List Object for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPONASWMEMENTRY对象类型语法T11FCSPONASWMEMENTRY MAX-ACCESS不可访问状态当前说明“每个条目都包含有关一个交换机的信息,该交换机列在由T11FCSPoFabricindex标识的结构的非活动交换机成员资格列表对象的交换机条目中,并在由fcmInstanceIndex标识的光纤通道管理实例中进行管理。

A row cannot exist unless there is a row in t11FcSpPoNaSwListTable for the given Switch Membership List Object, i.e., the row in t11FcSpPoNaSwListTable for a Switch Membership List Object must be created before (or simultaneously with) a row in this table for a Switch Entry in that Switch Membership List Object, and when a row in t11FcSpPoNaSwListTable is deleted, all rows in this table for Switch Entries in that Switch Membership List

除非给定交换机成员资格列表对象的T11FCSPONASWListTable中存在一行,否则该行不能存在,即,交换机成员资格列表对象的T11FCSPONASWListTable中的行必须在该表中该交换机成员资格列表对象中的交换机条目的行之前(或同时)创建,当T11FCSPONASWLISTTABLE中的一行被删除时,该表中的所有行将显示该交换机成员列表中的交换机条目

Object also get deleted.

对象也会被删除。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSwListName,
             t11FcSpPoNaSwMembSwitchNameType,
             t11FcSpPoNaSwMembSwitchName }
    ::= { t11FcSpPoNaSwMembTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSwListName,
             t11FcSpPoNaSwMembSwitchNameType,
             t11FcSpPoNaSwMembSwitchName }
    ::= { t11FcSpPoNaSwMembTable 1 }
        
T11FcSpPoNaSwMembEntry ::= SEQUENCE {
    t11FcSpPoNaSwMembSwitchNameType   T11FcSpPolicyNameType,
    t11FcSpPoNaSwMembSwitchName       FcNameIdOrZero,
    t11FcSpPoNaSwMembFlags            BITS,
    t11FcSpPoNaSwMembDomainID         FcDomainIdOrZero,
    t11FcSpPoNaSwMembPolicyDataRole   INTEGER,
    t11FcSpPoNaSwMembAuthBehaviour    BITS,
    t11FcSpPoNaSwMembAttribute        T11FcSpAlphaNumNameOrAbsent,
    t11FcSpPoNaSwMembRowStatus        RowStatus
}
        
T11FcSpPoNaSwMembEntry ::= SEQUENCE {
    t11FcSpPoNaSwMembSwitchNameType   T11FcSpPolicyNameType,
    t11FcSpPoNaSwMembSwitchName       FcNameIdOrZero,
    t11FcSpPoNaSwMembFlags            BITS,
    t11FcSpPoNaSwMembDomainID         FcDomainIdOrZero,
    t11FcSpPoNaSwMembPolicyDataRole   INTEGER,
    t11FcSpPoNaSwMembAuthBehaviour    BITS,
    t11FcSpPoNaSwMembAttribute        T11FcSpAlphaNumNameOrAbsent,
    t11FcSpPoNaSwMembRowStatus        RowStatus
}
        
t11FcSpPoNaSwMembSwitchNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'nodeName' or
           'restrictedNodeName', then the combination of
           this object and t11FcSpPoNaSwMembSwitchName specify the
           Switch Name of this Switch Entry.
        
t11FcSpPoNaSwMembSwitchNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'nodeName' or
           'restrictedNodeName', then the combination of
           this object and t11FcSpPoNaSwMembSwitchName specify the
           Switch Name of this Switch Entry.
        

The membership is restricted or unrestricted based on the name type. Restricted membership means that the Switch is not allowed to be part of the Fabric unless allowed by a specific Switch Connectivity Object. Unrestricted membership means that the Switch is allowed to be part of the Fabric unless disallowed by a specific Switch Connectivity Object.

根据名称类型限制或不限制成员资格。受限成员资格意味着除非特定交换机连接对象允许,否则不允许交换机成为结构的一部分。无限制成员资格意味着交换机被允许成为结构的一部分,除非特定交换机连接对象不允许。

The values of 'wildcard' and 'restrictedWildcard' provide the means to specify whether to allow/deny membership for Switches not explicitly named in the Switch Membership

“通配符”和“受限通配符”的值提供了指定是否允许/拒绝交换机成员资格中未明确命名的交换机的成员资格的方法

           List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNaSwMembEntry 1 }
        
           List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNaSwMembEntry 1 }
        

t11FcSpPoNaSwMembSwitchName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "If the value of t11FcSpPoSwMembSwitchNameType is 'wildcard' or 'restrictedWildcard', this object has the value '0000000000000000'h.

T11FCSPOSPONSWMBSwitchName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前描述“如果T11FCSPOSWMBSwitchNameType的值为“通配符”或“受限通配符”,则此对象的值为“0000000000000000”。

           Otherwise, the combination of
           t11FcSpPoNaSwMembSwitchNameType and this object specify the
           Switch Name of this Switch Entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNaSwMembEntry 2 }
        
           Otherwise, the combination of
           t11FcSpPoNaSwMembSwitchNameType and this object specify the
           Switch Name of this Switch Entry."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNaSwMembEntry 2 }
        
t11FcSpPoNaSwMembFlags OBJECT-TYPE
    SYNTAX       BITS {
                     staticDomainID(0),
                     insistentDomainID(1),
                     serialPortsAccess(2),
                     physicalPortsAccess(3),
                     managerRole(4)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Switch:
        
t11FcSpPoNaSwMembFlags OBJECT-TYPE
    SYNTAX       BITS {
                     staticDomainID(0),
                     insistentDomainID(1),
                     serialPortsAccess(2),
                     physicalPortsAccess(3),
                     managerRole(4)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Switch:
        

'staticDomainID' - the Switch uses the 'Static Domain_IDs behavior' (as defined in FC-SW-4) when this bit is set. This bit should have the same setting for all Switches in a Fabric's Switch Membership List Object, or else the Fabric will partition. If this bit is set, the 'insistentDomainID' bit must not be set.

“staticDomainID”-设置此位时,交换机使用“静态域ID行为”(如FC-SW-4中定义)。对于结构的交换机成员列表对象中的所有交换机,该位应具有相同的设置,否则结构将进行分区。如果设置了此位,则不能设置“ConsistentDomainId”位。

'insistentDomainID' - if this bit is set, the Switch uses the 'Insistent Domain_IDs behavior' (as defined in

“PersistentDomainId”-如果设置了此位,交换机将使用“PersistentDomain_ID行为”(如中所定义)

FC-SW-4), and the 'staticDomainID' bit must not be set.

FC-SW-4)和“staticDomainID”位不得设置。

'serialPortsAccess' - the Switch allows management through serial ports when and only when this bit is set.

“serialPortsAccess”-当且仅当设置此位时,交换机才允许通过串行端口进行管理。

'physicalPortsAccess' - the Switch allows management through the physical panel when and only when this bit is set.

“physicalPortsAccess”-当且仅当设置此位时,交换机才允许通过物理面板进行管理。

              'managerRole'        - the Switch is allowed to change
           the Fabric Policy configuration (on receipt of any of the
           EACA, ESFC, EUFC, ACA, SFC, or UFC SW_ILSs) if this bit is
           set."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 112."
    ::= { t11FcSpPoNaSwMembEntry 3 }
        
              'managerRole'        - the Switch is allowed to change
           the Fabric Policy configuration (on receipt of any of the
           EACA, ESFC, EUFC, ACA, SFC, or UFC SW_ILSs) if this bit is
           set."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 112."
    ::= { t11FcSpPoNaSwMembEntry 3 }
        
t11FcSpPoNaSwMembDomainID OBJECT-TYPE
    SYNTAX       FcDomainIdOrZero
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Domain_ID to be used when either the 'staticDomainID'
           bit or the 'insistentDomainID' bit is set in the
           corresponding value of t11FcSpPoNaSwMembFlags."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and tables 111 and 112."
    ::= { t11FcSpPoNaSwMembEntry 4 }
        
t11FcSpPoNaSwMembDomainID OBJECT-TYPE
    SYNTAX       FcDomainIdOrZero
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Domain_ID to be used when either the 'staticDomainID'
           bit or the 'insistentDomainID' bit is set in the
           corresponding value of t11FcSpPoNaSwMembFlags."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and tables 111 and 112."
    ::= { t11FcSpPoNaSwMembEntry 4 }
        
t11FcSpPoNaSwMembPolicyDataRole OBJECT-TYPE
    SYNTAX       INTEGER {
                     client(1),
                     autonomous(2),
                     server(3)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The role of the Switch in terms of which Policy data
           it retains/maintains:
        
t11FcSpPoNaSwMembPolicyDataRole OBJECT-TYPE
    SYNTAX       INTEGER {
                     client(1),
                     autonomous(2),
                     server(3)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The role of the Switch in terms of which Policy data
           it retains/maintains:
        

'client' - the Switch operates as a Client Switch. A Client Switch maintains its own Switch Connectivity Object and all Fabric-wide List Objects. If FC-SP

“客户端”-交换机作为客户端交换机运行。客户端交换机维护其自己的交换机连接对象和所有结构范围的列表对象。如果FC-SP

Zoning is used, a Client Switch maintains only the subset of the Active Zone Set that it requires to enforce the current Fabric Zoning configuration.

使用分区时,客户端交换机仅维护其强制当前结构分区配置所需的活动分区集的子集。

'autonomous' - the Switch operates as an Autonomous Switch. An Autonomous Switch maintains its own Switch Connectivity Object and all Fabric-wide List Objects. This is the same as 'client' except that if FC-SP Zoning is used, an Autonomous Switch maintains a complete copy of the Fabric Zoning Database.

“自动”——开关作为自动开关运行。自治交换机维护其自己的交换机连接对象和所有结构范围的列表对象。这与“客户端”相同,只是如果使用FC-SP分区,自治交换机会维护结构分区数据库的完整副本。

             'server' - the Switch operates as a Server Switch.
           A Server Switch maintains all Fabric-wide List Objects
           and the Switch Connectivity Objects of each Switch in
           the Fabric.  If FC-SP Zoning is used, a Server Switch
           maintains a complete copy of the Fabric Zoning Database."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 113."
    ::= { t11FcSpPoNaSwMembEntry 5 }
        
             'server' - the Switch operates as a Server Switch.
           A Server Switch maintains all Fabric-wide List Objects
           and the Switch Connectivity Objects of each Switch in
           the Fabric.  If FC-SP Zoning is used, a Server Switch
           maintains a complete copy of the Fabric Zoning Database."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 113."
    ::= { t11FcSpPoNaSwMembEntry 5 }
        
t11FcSpPoNaSwMembAuthBehaviour  OBJECT-TYPE
    SYNTAX       BITS {
                      mustAuthenticate(0),
                      rejectIsFailure(1)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The authentication behaviour of the Switch:
        
t11FcSpPoNaSwMembAuthBehaviour  OBJECT-TYPE
    SYNTAX       BITS {
                      mustAuthenticate(0),
                      rejectIsFailure(1)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The authentication behaviour of the Switch:
        

'mustAuthenticate' - if this bit is set, all connections between this Switch and neighbor Switches must be authenticated.

“mustAuthenticate”-如果设置了此位,则必须验证此交换机和相邻交换机之间的所有连接。

             'rejectIsFailure' - if this bit is set, the rejection of
           an AUTH_Negotiate message must be considered as an
           authentication failure by this Switch."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 114."
    ::= { t11FcSpPoNaSwMembEntry 6 }
        
             'rejectIsFailure' - if this bit is set, the rejection of
           an AUTH_Negotiate message must be considered as an
           authentication failure by this Switch."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 114."
    ::= { t11FcSpPoNaSwMembEntry 6 }
        

t11FcSpPoNaSwMembAttribute OBJECT-TYPE SYNTAX T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read-create

T11FCSPONASWMEMBATTribute对象类型语法T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read create

STATUS current DESCRIPTION "The name of a non-active Attribute Policy Object that is defined for this Switch. The zero-length string indicates that no non-active Attribute Policy Object is defined for this Switch.

STATUS current DESCRIPTION“为此交换机定义的非活动属性策略对象的名称。零长度字符串表示未为此交换机定义非活动属性策略对象。

           The effect of having no rows in the t11FcSpPoNaAttribTable
           for which the value of t11FcSpPoNaAttribName is the
           same as the value of this object, is the same as
           this object's value being the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNaSwMembEntry 7 }
        
           The effect of having no rows in the t11FcSpPoNaAttribTable
           for which the value of t11FcSpPoNaAttribName is the
           same as the value of this object, is the same as
           this object's value being the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 110."
    ::= { t11FcSpPoNaSwMembEntry 7 }
        

t11FcSpPoNaSwMembRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row. Values of object instances within the row can be modified at any time.

T11FCSPONASWMEMBROWSTATUS对象类型语法RowStatus MAX-ACCESS read create STATUS current DESCRIPTION“此行的状态。可以随时修改该行中对象实例的值。

           A row cannot exist unless there is a row in the
           t11FcSpPoNaSwListTable for the Switch Membership List
           Object containing the Switch Entry for this Switch, i.e.,
           the row in t11FcSpPoNaSwListTable for a Switch Membership
           List Object must be created before (or simultaneously)
           with a row in this table for a Switch Entry in that
           Switch Membership List Object; and when a row in
           t11FcSpPoNaSwListTable is deleted, any row in this
           table for a Switch Entry in that Switch Membership
           List Object also gets deleted."
    ::= { t11FcSpPoNaSwMembEntry 8 }
        
           A row cannot exist unless there is a row in the
           t11FcSpPoNaSwListTable for the Switch Membership List
           Object containing the Switch Entry for this Switch, i.e.,
           the row in t11FcSpPoNaSwListTable for a Switch Membership
           List Object must be created before (or simultaneously)
           with a row in this table for a Switch Entry in that
           Switch Membership List Object; and when a row in
           t11FcSpPoNaSwListTable is deleted, any row in this
           table for a Switch Entry in that Switch Membership
           List Object also gets deleted."
    ::= { t11FcSpPoNaSwMembEntry 8 }
        

-- -- Node Entries in Non-Active Node Membership List Objects --

----非活动节点成员列表对象中的节点条目--

t11FcSpPoNaNoMembTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaNoMembEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Node Entries in non-active Node Membership List Objects.

T11FCSPONANOMEMBENTRY MAX-ACCESS的T11FCSPONANOMEMBENTRY对象类型语法序列不可访问状态当前描述“非活动节点成员列表对象中的节点条目表。

           One Node Membership List Object is represented by all
           the rows in this table that have the same value of
           t11FcSpPoNaNoMembListName."
    ::= { t11FcSpPoNonActive 4 }
        
           One Node Membership List Object is represented by all
           the rows in this table that have the same value of
           t11FcSpPoNaNoMembListName."
    ::= { t11FcSpPoNonActive 4 }
        

t11FcSpPoNaNoMembEntry OBJECT-TYPE SYNTAX T11FcSpPoNaNoMembEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Node Entry of a non-active Node Membership List Object for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCPONANOMEMBENTRY对象类型语法T11FCPONANOMEMBENTRY MAX-ACCESS不可访问状态当前说明“每个条目都包含有关T11FCSPoFabricindex标识的结构的非活动节点成员资格列表对象的一个节点条目的信息,该对象在fcmInstanceIndex标识的光纤通道管理实例中进行管理。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaNoMembListName,
             t11FcSpPoNaNoMembNodeNameType,
             t11FcSpPoNaNoMembNodeName }
    ::= { t11FcSpPoNaNoMembTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaNoMembListName,
             t11FcSpPoNaNoMembNodeNameType,
             t11FcSpPoNaNoMembNodeName }
    ::= { t11FcSpPoNaNoMembTable 1 }
        
T11FcSpPoNaNoMembEntry ::= SEQUENCE {
    t11FcSpPoNaNoMembListName       T11FcSpAlphaNumName,
    t11FcSpPoNaNoMembNodeNameType   T11FcSpPolicyNameType,
    t11FcSpPoNaNoMembNodeName       FcNameIdOrZero,
    t11FcSpPoNaNoMembFlags          BITS,
    t11FcSpPoNaNoMembCtAccessIndex  Unsigned32,
    t11FcSpPoNaNoMembAttribute      T11FcSpAlphaNumNameOrAbsent,
    t11FcSpPoNaNoMembRowStatus      RowStatus
}
        
T11FcSpPoNaNoMembEntry ::= SEQUENCE {
    t11FcSpPoNaNoMembListName       T11FcSpAlphaNumName,
    t11FcSpPoNaNoMembNodeNameType   T11FcSpPolicyNameType,
    t11FcSpPoNaNoMembNodeName       FcNameIdOrZero,
    t11FcSpPoNaNoMembFlags          BITS,
    t11FcSpPoNaNoMembCtAccessIndex  Unsigned32,
    t11FcSpPoNaNoMembAttribute      T11FcSpAlphaNumNameOrAbsent,
    t11FcSpPoNaNoMembRowStatus      RowStatus
}
        
t11FcSpPoNaNoMembListName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the non-active Node Membership List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNaNoMembEntry 1 }
        
t11FcSpPoNaNoMembListName OBJECT-TYPE
    SYNTAX       T11FcSpAlphaNumName
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The name of the non-active Node Membership List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNaNoMembEntry 1 }
        

t11FcSpPoNaNoMembNodeNameType OBJECT-TYPE

T11FCSPONANOMENOBNodeNameType对象类型

    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this Node Entry applies to Nodes not
           explicitly named in the Node Membership List Object.
        
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this Node Entry applies to Nodes not
           explicitly named in the Node Membership List Object.
        

Otherwise, the combination of this object and t11FcSpPoNaNoMembNodeName specify the name of this Node Entry in the active Node Membership List Object. A Node is identified by its Node Name or by one or more of its Port Names.

否则,此对象和T11FCSPONANOMEMBNODENAME的组合将在活动节点成员列表对象中指定此节点项的名称。节点由其节点名或一个或多个端口名标识。

           Restricted membership means that a Node is not allowed to be
           connected to the Fabric unless allowed by a specific Switch
           Connectivity Object.  Unrestricted membership means that a
           Node is allowed to be connected to the Fabric unless
           disallowed by a specific Switch Connectivity Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNaNoMembEntry 2 }
        
           Restricted membership means that a Node is not allowed to be
           connected to the Fabric unless allowed by a specific Switch
           Connectivity Object.  Unrestricted membership means that a
           Node is allowed to be connected to the Fabric unless
           disallowed by a specific Switch Connectivity Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNaNoMembEntry 2 }
        

t11FcSpPoNaNoMembNodeName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "If the value of t11FcSpPoNaNoMembNodeNameType is 'wildcard' or 'restrictedWildcard', this object has the value '0000000000000000'h.

T11FCSPONANOMENOBNodeName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前说明“如果T11FCSPONANOMENOBNodeName类型的值为“通配符”或“受限通配符”,则此对象的值为“0000000000000000”。

Otherwise, the combination of t11FcSpPoNaNoMembNodeNameType and this object specify the name of this Node Entry is the active Node Membership List Object." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, section 7.1.4.1 and table 116."

否则,T11FCSPONAMEMENOBNODENAMETYPE和此对象的组合指定此节点条目的名称为活动节点成员列表对象。“参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,第7.1.4.1节和表116。”

    ::= { t11FcSpPoNaNoMembEntry 3 }
        
    ::= { t11FcSpPoNaNoMembEntry 3 }
        
t11FcSpPoNaNoMembFlags OBJECT-TYPE
    SYNTAX       BITS {
                     scsiEnclosureAccess(0),
                     authenticationRequired(1)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Node:
        
t11FcSpPoNaNoMembFlags OBJECT-TYPE
    SYNTAX       BITS {
                     scsiEnclosureAccess(0),
                     authenticationRequired(1)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "Configurable options in respect to the administration
           of Policy Objects at this Node:
        

'scsiEnclosureAccess' - the Node is allowed to control any Switch through SCSI Enclosure Services if this bit is set. If a Switch does not support SCSI Enclosure Services, this bit is ignored.

“scsiEnclosureAccess”-如果设置了此位,则允许节点通过SCSI机柜服务控制任何交换机。如果交换机不支持SCSI机柜服务,则忽略此位。

                'authenticationRequired'   - the Node is required to
           authenticate itself to any Switch to which it is connected
           if and only if this bit is set."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 118."
    ::= { t11FcSpPoNaNoMembEntry 4 }
        
                'authenticationRequired'   - the Node is required to
           authenticate itself to any Switch to which it is connected
           if and only if this bit is set."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 118."
    ::= { t11FcSpPoNaNoMembEntry 4 }
        

t11FcSpPoNaNoMembCtAccessIndex OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "If the value of this object is zero, then access by this Node to Generic Services is not limited by a Common Transport Access Specifier.

T11FCSPONANOMEMBCTAccessIndex对象类型语法Unsigned32(0..4294967295)MAX-ACCESS read create STATUS current DESCRIPTION“如果此对象的值为零,则此节点对通用服务的访问不受公共传输访问说明符的限制。

           Otherwise, the limits are specified by the set of Common
           Transport Access Descriptors contained in those rows of
           the t11FcSpPoNaCtDescrTable for which the value of
           t11FcSpPoNaCtDescrSpecifierIndex is the same as the value
           of this object.  No such rows in t11FcSpPoNaCtDescrTable
           have the same effect as this object's value being zero."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.4.1 and tables 118/119/120/121."
    ::= { t11FcSpPoNaNoMembEntry 5 }
        
           Otherwise, the limits are specified by the set of Common
           Transport Access Descriptors contained in those rows of
           the t11FcSpPoNaCtDescrTable for which the value of
           t11FcSpPoNaCtDescrSpecifierIndex is the same as the value
           of this object.  No such rows in t11FcSpPoNaCtDescrTable
           have the same effect as this object's value being zero."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.4.1 and tables 118/119/120/121."
    ::= { t11FcSpPoNaNoMembEntry 5 }
        

t11FcSpPoNaNoMembAttribute OBJECT-TYPE SYNTAX T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read-create STATUS current DESCRIPTION "The name of a non-active Attribute Policy Object that is defined for this Node. The zero-length string indicates that no non-active Attribute Policy Object is defined for this Node.

T11FCSPONANOMEMBATTribute对象类型语法T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read create STATUS current DESCRIPTION“为此节点定义的非活动属性策略对象的名称。零长度字符串表示未为此节点定义非活动属性策略对象。

           The effect of having no rows in the t11FcSpPoNaAttribTable
           for which the value of t11FcSpPoNaAttribName is the
           same as the value of this object, is the same as
           this object's value being the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNaNoMembEntry 6 }
        
           The effect of having no rows in the t11FcSpPoNaAttribTable
           for which the value of t11FcSpPoNaAttribName is the
           same as the value of this object, is the same as
           this object's value being the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.4.1 and table 116."
    ::= { t11FcSpPoNaNoMembEntry 6 }
        
t11FcSpPoNaNoMembRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaNoMembEntry 7 }
        
t11FcSpPoNaNoMembRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaNoMembEntry 7 }
        

-- -- -- Non-Active Common Transport Access Descriptors --

----非活动公共传输访问描述符--

t11FcSpPoNaCtDescrTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaCtDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Common Transport Access Descriptors referenced by non-active Policy Objects.

T11FCPONACTDESCRENTRY MAX-ACCESS不可访问状态的T11FCPONACTDESCRENTRY对象类型语法序列当前描述“由非活动策略对象引用的公共传输访问描述符表。

A Common Transport Access Specifier is a list of Common Transport Access Descriptors that specify whether a Node is allowed to access a Generic Service or Sub-Server.

公共传输访问说明符是公共传输访问说明符的列表,用于指定是否允许节点访问通用服务或子服务器。

A non-active Common Transport Access Specifier is represented by all rows of this table that have the same

非活动公共传输访问说明符由该表中具有相同属性的所有行表示

           values of fcmInstanceIndex, t11FcSpPoFabricIndex, and
           t11FcSpPoNaCtDescrSpecifierIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.5"
    ::= { t11FcSpPoNonActive 5 }
        
           values of fcmInstanceIndex, t11FcSpPoFabricIndex, and
           t11FcSpPoNaCtDescrSpecifierIndex."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.5"
    ::= { t11FcSpPoNonActive 5 }
        

t11FcSpPoNaCtDescrEntry OBJECT-TYPE SYNTAX T11FcSpPoNaCtDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Common Transport Access Descriptor of an non-active Common Transport Access Specifier used within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCPONACTDESCRENTRY对象类型语法T11FCPONACTDESCRENTRY MAX-ACCESS不可访问状态当前描述“每个条目都包含有关非活动公共传输访问说明符的一个公共传输访问说明符的信息,该说明符在由T11FCSPoFabricindex标识的结构中使用,并在由fcmInstanceIndex标识的光纤通道管理实例中管理。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaCtDescrSpecifierIndex, t11FcSpPoNaCtDescrIndex }
    ::= { t11FcSpPoNaCtDescrTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaCtDescrSpecifierIndex, t11FcSpPoNaCtDescrIndex }
    ::= { t11FcSpPoNaCtDescrTable 1 }
        
T11FcSpPoNaCtDescrEntry ::= SEQUENCE {
    t11FcSpPoNaCtDescrSpecifierIndex   Unsigned32,
    t11FcSpPoNaCtDescrIndex            Unsigned32,
    t11FcSpPoNaCtDescrFlags            BITS,
    t11FcSpPoNaCtDescrGsType           OCTET STRING,
    t11FcSpPoNaCtDescrGsSubType        OCTET STRING,
    t11FcSpPoNaCtDescrRowStatus        RowStatus
}
        
T11FcSpPoNaCtDescrEntry ::= SEQUENCE {
    t11FcSpPoNaCtDescrSpecifierIndex   Unsigned32,
    t11FcSpPoNaCtDescrIndex            Unsigned32,
    t11FcSpPoNaCtDescrFlags            BITS,
    t11FcSpPoNaCtDescrGsType           OCTET STRING,
    t11FcSpPoNaCtDescrGsSubType        OCTET STRING,
    t11FcSpPoNaCtDescrRowStatus        RowStatus
}
        
t11FcSpPoNaCtDescrSpecifierIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Specifier within a Fabric."
    ::= { t11FcSpPoNaCtDescrEntry 1 }
        
t11FcSpPoNaCtDescrSpecifierIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Specifier within a Fabric."
    ::= { t11FcSpPoNaCtDescrEntry 1 }
        

t11FcSpPoNaCtDescrIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current

T11FCSPONACTDESCRINDEX对象类型语法Unsigned32(1..4294967295)MAX-ACCESS不可访问状态当前

    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Descriptor within a Common Transport
           Access Specifier."
    ::= { t11FcSpPoNaCtDescrEntry 2 }
        
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Common Transport Access Descriptor within a Common Transport
           Access Specifier."
    ::= { t11FcSpPoNaCtDescrEntry 2 }
        
t11FcSpPoNaCtDescrFlags OBJECT-TYPE
    SYNTAX       BITS {
                     allow(0),
                     gsTypeWildcard(1),
                     gsSubTypeWildcard(2),
                     readOnly(3)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The flag bits that specify how access is to be limited by
           this Common Transport Access Descriptor:
        
t11FcSpPoNaCtDescrFlags OBJECT-TYPE
    SYNTAX       BITS {
                     allow(0),
                     gsTypeWildcard(1),
                     gsSubTypeWildcard(2),
                     readOnly(3)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The flag bits that specify how access is to be limited by
           this Common Transport Access Descriptor:
        

- allow -- access to the specified Generic Service and Server is allowed if this bit is set, and is to be denied if this bit is not set.

- allow——如果设置了此位,则允许访问指定的通用服务和服务器;如果未设置此位,则拒绝访问。

- gsTypeWildcard -- if this bit is set, the Generic Service to be allowed/denied is specified by the value of t11FcSpPoNaCtDescrGsType, and the gsSubTypeWildcard bit must not also be set.

- gsTypeWildcard——如果设置了此位,则允许/拒绝的通用服务由t11fcsponactdescrgstype的值指定,并且不能同时设置gssubjectwildcard位。

- gsSubTypeWildcard -- if this bit is set, the Generic Service to be allowed/denied is specified by the value of t11FcSpPoNaCtDescrGsSubType, and the gsTypeWildcard bit must not also be set.

- GSSubsubficated通配符——如果设置了此位,则允许/拒绝的通用服务由T11FCPONACTDESCRGSUBTYPE的值指定,并且不能同时设置GSTYPE通配符位。

            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.5.1, and tables 117, 118, and 120."
    ::= { t11FcSpPoNaCtDescrEntry 3 }
        
            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.5.1, and tables 117, 118, and 120."
    ::= { t11FcSpPoNaCtDescrEntry 3 }
        

t11FcSpPoNaCtDescrGsType OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1)) MAX-ACCESS read-create STATUS current DESCRIPTION "The GS_Type of the Generic Service (e.g., the FC-GS-5 Management Service) that is subject to access control.

T11FCSPONACTDESCRGSTYPE对象类型语法八位字节字符串(大小(1))MAX-ACCESS read create STATUS current DESCRIPTION“受访问控制的通用服务(例如FC-GS-5管理服务)的GS_类型。

           This value is ignored if the gsTypeWildcard bit is not set
           in the corresponding value of t11FcSpPoNaCtDescrFlags."
    REFERENCE
           "- ANSI INCITS 427-2006,
              Fibre Channel - Generic Services-5 (FC-GS-5),
              section 4.3.2.4.
            - ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.5.1 and table 120."
    ::= { t11FcSpPoNaCtDescrEntry 4 }
        
           This value is ignored if the gsTypeWildcard bit is not set
           in the corresponding value of t11FcSpPoNaCtDescrFlags."
    REFERENCE
           "- ANSI INCITS 427-2006,
              Fibre Channel - Generic Services-5 (FC-GS-5),
              section 4.3.2.4.
            - ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.5.1 and table 120."
    ::= { t11FcSpPoNaCtDescrEntry 4 }
        
t11FcSpPoNaCtDescrGsSubType OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The GS_Subtype of the Generic Server (e.g., the Fabric Zone
           Server) that is subject to access control.  This value is
           ignored if the gsSubTypeWildcard bit is not set in the
           corresponding value of t11FcSpPoNaCtDescrFlags."
    REFERENCE
           "- ANSI INCITS 427-2006,
              Fibre Channel - Generic Services-5 (FC-GS-5),
              section 4.3.2.5.
            - ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.5.1 and table 120."
    ::= { t11FcSpPoNaCtDescrEntry 5 }
        
t11FcSpPoNaCtDescrGsSubType OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The GS_Subtype of the Generic Server (e.g., the Fabric Zone
           Server) that is subject to access control.  This value is
           ignored if the gsSubTypeWildcard bit is not set in the
           corresponding value of t11FcSpPoNaCtDescrFlags."
    REFERENCE
           "- ANSI INCITS 427-2006,
              Fibre Channel - Generic Services-5 (FC-GS-5),
              section 4.3.2.5.
            - ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.5.1 and table 120."
    ::= { t11FcSpPoNaCtDescrEntry 5 }
        
t11FcSpPoNaCtDescrRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaCtDescrEntry 6 }
        
t11FcSpPoNaCtDescrRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaCtDescrEntry 6 }
        

-- -- Switches/Nodes in Non-Active Switch Connectivity Objects --

----非活动交换机连接对象中的交换机/节点--

t11FcSpPoNaSwConnTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaSwConnEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of non-active Switch Connectivity Objects.

T11FCSPONASWCONTABLE对象类型T11FCSPONASWCONNENTRY MAX-ACCESS的语法序列不可访问状态当前描述“非活动交换机连接对象表”。

           A Switch Connectivity Object defines to which other
           Switches or Nodes a particular Switch may/may not be
           connected at the Node level and/or at the Port level."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6."
    ::= { t11FcSpPoNonActive 6 }
        
           A Switch Connectivity Object defines to which other
           Switches or Nodes a particular Switch may/may not be
           connected at the Node level and/or at the Port level."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6."
    ::= { t11FcSpPoNonActive 6 }
        

t11FcSpPoNaSwConnEntry OBJECT-TYPE SYNTAX T11FcSpPoNaSwConnEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the name of a Switch/Node with which any port of a particular Switch on a particular Fabric, or a particular port on that Switch, is allowed or not allowed to be connected.

T11FCSPONASWConnentry对象类型语法T11FCSPONASWConnentry MAX-ACCESS不可访问状态当前描述“每个条目都包含一个交换机/节点的名称,允许或不允许连接特定结构上特定交换机的任何端口或该交换机上的特定端口。

The particular Fabric is identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

特定结构由T11FCSPoFabricindex标识,并在FCMinStatanceIndex标识的光纤通道管理实例中进行管理。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSwConnSwitchName,
             t11FcSpPoNaSwConnAllowedType,
             t11FcSpPoNaSwConnPortNameOrAll,
             t11FcSpPoNaSwConnAllowedIndex }
    ::= { t11FcSpPoNaSwConnTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaSwConnSwitchName,
             t11FcSpPoNaSwConnAllowedType,
             t11FcSpPoNaSwConnPortNameOrAll,
             t11FcSpPoNaSwConnAllowedIndex }
    ::= { t11FcSpPoNaSwConnTable 1 }
        
T11FcSpPoNaSwConnEntry ::= SEQUENCE {
    t11FcSpPoNaSwConnSwitchName       FcNameIdOrZero,
    t11FcSpPoNaSwConnAllowedType      INTEGER,
    t11FcSpPoNaSwConnPortNameOrAll    FcNameIdOrZero,
    t11FcSpPoNaSwConnAllowedIndex     Unsigned32,
    t11FcSpPoNaSwConnAllowedNameType  T11FcSpPolicyNameType,
    t11FcSpPoNaSwConnAllowedName      FcNameIdOrZero,
    t11FcSpPoNaSwConnRowStatus        RowStatus
}
        
T11FcSpPoNaSwConnEntry ::= SEQUENCE {
    t11FcSpPoNaSwConnSwitchName       FcNameIdOrZero,
    t11FcSpPoNaSwConnAllowedType      INTEGER,
    t11FcSpPoNaSwConnPortNameOrAll    FcNameIdOrZero,
    t11FcSpPoNaSwConnAllowedIndex     Unsigned32,
    t11FcSpPoNaSwConnAllowedNameType  T11FcSpPolicyNameType,
    t11FcSpPoNaSwConnAllowedName      FcNameIdOrZero,
    t11FcSpPoNaSwConnRowStatus        RowStatus
}
        

t11FcSpPoNaSwConnSwitchName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION

T11FCSPONASWCONNSwitchName对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS不可访问状态当前说明

           "The name of the Switch for which this Switch Connectivity
           Object specifies topology restrictions."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and table 123."
    ::= { t11FcSpPoNaSwConnEntry 1 }
        
           "The name of the Switch for which this Switch Connectivity
           Object specifies topology restrictions."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and table 123."
    ::= { t11FcSpPoNaSwConnEntry 1 }
        
t11FcSpPoNaSwConnAllowedType OBJECT-TYPE
    SYNTAX       INTEGER { switch(1), node(2) }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object specifies whether this row refers to an
           'Allowed Switch' that concerns Switch-to-Switch
           connectivity or an 'Allowed Node' that concerns
           Switch-to-Node connectivity.  Consequently, this object's
           value indicates whether the corresponding instance of
           t11FcSpPoNaSwConnAllowedName specifies the name of a Switch
           or the name of a Node."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and table 123."
    ::= { t11FcSpPoNaSwConnEntry 2 }
        
t11FcSpPoNaSwConnAllowedType OBJECT-TYPE
    SYNTAX       INTEGER { switch(1), node(2) }
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object specifies whether this row refers to an
           'Allowed Switch' that concerns Switch-to-Switch
           connectivity or an 'Allowed Node' that concerns
           Switch-to-Node connectivity.  Consequently, this object's
           value indicates whether the corresponding instance of
           t11FcSpPoNaSwConnAllowedName specifies the name of a Switch
           or the name of a Node."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and table 123."
    ::= { t11FcSpPoNaSwConnEntry 2 }
        

t11FcSpPoNaSwConnPortNameOrAll OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE(0 | 8)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object specifies either the particular port on which this topology restriction applies, or if the value is the zero-length string, that the topology restriction applies to all ports of the Switch.

T11FCSPONASWCONNPORTNAMEORL对象类型语法FcNameIdOrZero(大小(0 | 8))MAX-ACCESS not ACCESS STATUS current DESCRIPTION“此对象指定应用此拓扑限制的特定端口,或者如果该值为零长度字符串,则拓扑限制应用于交换机的所有端口。

           In other words, if this object's value contains the name of
           a port, then this row represents a 'Port Connectivity Entry'
           (as described in FC-SP) within a Switch Connectivity Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and tables 123/124."
    ::= { t11FcSpPoNaSwConnEntry 3 }
        
           In other words, if this object's value contains the name of
           a port, then this row represents a 'Port Connectivity Entry'
           (as described in FC-SP) within a Switch Connectivity Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and tables 123/124."
    ::= { t11FcSpPoNaSwConnEntry 3 }
        

t11FcSpPoNaSwConnAllowedIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible

T11FCSPONASWCONNALLOWEDINDEX对象类型语法Unsigned32(1..4294967295)MAX-ACCESS不可访问

    STATUS       current
    DESCRIPTION
           "When multiple rows in this table refer to different
           'Allowed Switches' or to different 'Allowed Nodes' for the
           same port(s) in the same Switch Connectivity Object, this
           object provides a unique index value to distinguish between
           such rows."
    ::= { t11FcSpPoNaSwConnEntry 4 }
        
    STATUS       current
    DESCRIPTION
           "When multiple rows in this table refer to different
           'Allowed Switches' or to different 'Allowed Nodes' for the
           same port(s) in the same Switch Connectivity Object, this
           object provides a unique index value to distinguish between
           such rows."
    ::= { t11FcSpPoNaSwConnEntry 4 }
        
t11FcSpPoNaSwConnAllowedNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this row specifies whether
           connectivity is allowed/not allowed with entities not
           explicitly named by other rows.
        
t11FcSpPoNaSwConnAllowedNameType OBJECT-TYPE
    SYNTAX       T11FcSpPolicyNameType {
                     nodeName(1),
                     restrictedNodeName(2),
                     portName(3),
                     restrictedPortName(4),
                     wildcard(5),
                     restrictedWildcard(6)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "If the value of this object is 'wildcard' or
           'restrictedWildcard', this row specifies whether
           connectivity is allowed/not allowed with entities not
           explicitly named by other rows.
        

Otherwise, the combination of t11FcSpPoNaSwConnAllowedNameType and t11FcSpPoNaSwConnAllowedName specify the name of:

否则,T11FCSPONASWCONNALLOWEDNAMETYPE和T11FCSPONASWCONNALLOWEDNAME的组合将指定以下名称:

- a Switch (if t11FcSpPoNaSwConnAllowedType = 'switch'), or - a Node (if t11FcSpPoNaSwConnAllowedType = 'node')

- 一个开关(如果T11FCSPONASWCONNALLOWEDTYPE='Switch')或一个节点(如果T11FCSPONASWCONNALLOWEDTYPE='Node')

           to which connectivity is allowed/not allowed."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and tables 123/124."
    ::= { t11FcSpPoNaSwConnEntry 5 }
        
           to which connectivity is allowed/not allowed."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and tables 123/124."
    ::= { t11FcSpPoNaSwConnEntry 5 }
        

t11FcSpPoNaSwConnAllowedName OBJECT-TYPE SYNTAX FcNameIdOrZero (SIZE (8)) MAX-ACCESS read-create STATUS current DESCRIPTION "If t11FcSpPoNaSwConnAllowedNameType has the value 'wildcard' or 'restrictedWildcard', this object has the value '0000000000000000'h.

T11FCSPONASWCONNALLOWEDNAME对象类型语法FcNameIdOrZero(大小(8))MAX-ACCESS read create STATUS current DESCRIPTION“如果T11FCSPONASWCONNALLOWEDNAME类型的值为“通配符”或“受限通配符”,则此对象的值为“0000000000000000”。

Otherwise, the combination of t11FcSpPoNaSwConnAllowedNameType and t11FcSpPoNaSwConnAllowedName specify the name of:

否则,T11FCSPONASWCONNALLOWEDNAMETYPE和T11FCSPONASWCONNALLOWEDNAME的组合将指定以下名称:

- a Switch (if t11FcSpPoNaSwConnAllowedType = 'switch'), or - a Node (if t11FcSpPoNaSwConnAllowedType = 'node')

- 一个开关(如果T11FCSPONASWCONNALLOWEDTYPE='Switch')或一个节点(如果T11FCSPONASWCONNALLOWEDTYPE='Node')

           to which connectivity is allowed/not allowed."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and tables 123/124."
    ::= { t11FcSpPoNaSwConnEntry 6 }
        
           to which connectivity is allowed/not allowed."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.6.1 and tables 123/124."
    ::= { t11FcSpPoNaSwConnEntry 6 }
        
t11FcSpPoNaSwConnRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaSwConnEntry 7 }
        
t11FcSpPoNaSwConnRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaSwConnEntry 7 }
        

-- -- IP Management Entries in Non-Active IP Management List Objects --

----非活动IP管理列表对象中的IP管理条目--

t11FcSpPoNaIpMgmtTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaIpMgmtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of IP Management Entries in non-active IP Management List Objects. The IP Management List Object is a Fabric-wide Policy Object that describes which IP hosts are allowed to manage a Fabric.

T11FCSPONAIPMGMTTable对象类型T11FCSPONAIPMGMtentry MAX-ACCESS的语法序列不可访问状态当前描述“非活动IP管理列表对象中的IP管理项表。IP管理列表对象是一个结构范围的策略对象,描述允许哪些IP主机管理结构。

           One non-active IP Management List Object is represented by
           all rows of this table that have the same values of
           fcmInstanceIndex and t11FcSpPoFabricIndex."
    ::= { t11FcSpPoNonActive 7 }
        
           One non-active IP Management List Object is represented by
           all rows of this table that have the same values of
           fcmInstanceIndex and t11FcSpPoFabricIndex."
    ::= { t11FcSpPoNonActive 7 }
        

t11FcSpPoNaIpMgmtEntry OBJECT-TYPE SYNTAX T11FcSpPoNaIpMgmtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one IP Management

T11FCSPONAIPMGMENTRY对象类型语法T11FCSPONAIPMGMENTRY MAX-ACCESS不可访问状态当前描述“每个条目包含有关一个IP管理的信息

entry within a non-active IP Management List Object for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

由T11FCSPoFabricindex标识的结构的非活动IP管理列表对象中的条目,并在由fcmInstanceIndex标识的光纤通道管理实例中进行管理。

The Policy Object Name of an IP Management Entry Policy Object is either an IPv6 Address Range or an IPv4 Address Range. In a Fabric's database of Policy Objects, every Policy Object Name, including these Internet address ranges, is represented as a (T11FcSpPolicyNameType, T11FcSpPolicyName) tuple. In contrast, this MIB module uses the conventional MIB syntax for IP addresses, and therefore represents the Policy Object Name of an IP Management Entry Policy Object as a (InetAddressType, InetAddress, InetAddress) tuple.

IP管理条目策略对象的策略对象名称是IPv6地址范围或IPv4地址范围。在结构的策略对象数据库中,每个策略对象名称(包括这些Internet地址范围)都表示为(T11FcSpPolicyNameType,T11FcSpPolicyName)元组。相反,此MIB模块对IP地址使用传统的MIB语法,因此将IP管理条目策略对象的策略对象名称表示为(InetAddressType,InetAddress,InetAddress)元组。

In theory, the use of t11FcSpPoNaIpMgmtEntryNameLow and t11FcSpPoNaIpMgmtEntryNameHigh, which have the syntax of InetAddress, in the INDEX could cause the need for excessively long OIDs. In practice, this can't happen because FC-SP doesn't allow these objects to be specified as DNS names.

理论上,在索引中使用T11FCSPONAIPMGMtentryNameLow和T11FCSPONAIPMGMtentryNameHigh(其语法为InetAddress)可能会导致需要过长的OID。实际上,这不会发生,因为FC-SP不允许将这些对象指定为DNS名称。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaIpMgmtListName,
             t11FcSpPoNaIpMgmtEntryNameType,
             t11FcSpPoNaIpMgmtEntryNameLow,
             t11FcSpPoNaIpMgmtEntryNameHigh }
    ::= { t11FcSpPoNaIpMgmtTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaIpMgmtListName,
             t11FcSpPoNaIpMgmtEntryNameType,
             t11FcSpPoNaIpMgmtEntryNameLow,
             t11FcSpPoNaIpMgmtEntryNameHigh }
    ::= { t11FcSpPoNaIpMgmtTable 1 }
        
T11FcSpPoNaIpMgmtEntry ::= SEQUENCE {
    t11FcSpPoNaIpMgmtListName        T11FcSpAlphaNumName,
    t11FcSpPoNaIpMgmtEntryNameType   InetAddressType,
    t11FcSpPoNaIpMgmtEntryNameLow    InetAddress,
    t11FcSpPoNaIpMgmtEntryNameHigh   InetAddress,
    t11FcSpPoNaIpMgmtWkpIndex        Unsigned32,
    t11FcSpPoNaIpMgmtAttribute       T11FcSpAlphaNumNameOrAbsent,
    t11FcSpPoNaIpMgmtRowStatus       RowStatus
}
        
T11FcSpPoNaIpMgmtEntry ::= SEQUENCE {
    t11FcSpPoNaIpMgmtListName        T11FcSpAlphaNumName,
    t11FcSpPoNaIpMgmtEntryNameType   InetAddressType,
    t11FcSpPoNaIpMgmtEntryNameLow    InetAddress,
    t11FcSpPoNaIpMgmtEntryNameHigh   InetAddress,
    t11FcSpPoNaIpMgmtWkpIndex        Unsigned32,
    t11FcSpPoNaIpMgmtAttribute       T11FcSpAlphaNumNameOrAbsent,
    t11FcSpPoNaIpMgmtRowStatus       RowStatus
}
        

t11FcSpPoNaIpMgmtListName OBJECT-TYPE SYNTAX T11FcSpAlphaNumName MAX-ACCESS not-accessible STATUS current DESCRIPTION

T11FCSPONAIPMGMTListName对象类型语法T11FcSpAlphaNumName MAX-ACCESS不可访问状态当前说明

           "The name of a non-active Node Membership List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 125."
    ::= { t11FcSpPoNaIpMgmtEntry 1 }
        
           "The name of a non-active Node Membership List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 125."
    ::= { t11FcSpPoNaIpMgmtEntry 1 }
        

t11FcSpPoNaIpMgmtEntryNameType OBJECT-TYPE SYNTAX InetAddressType { ipv4(1), ipv6(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The combination of t11FcSpPoNaIpMgmtEntryNameType, t11FcSpPoNaIpMgmtNameLow, and t11FcSpPoNaIpMgmtNameHigh specify the Internet address range of this IP Management Entry in the IP Management List Object.

T11FCSPONAIPMGMtentryNameType对象类型语法InetAddressType{ipv4(1),ipv6(2)}MAX-ACCESS不可访问状态当前描述“T11FCSPONAIPMGMtentryNameType,T11FCSPONAIPMGMtnameLow和T11FCSPONAIPMGMtneHigh的组合在IP管理列表对象中指定此IP管理项的Internet地址范围。

           The FC-SP specification does not allow this address to
           be specified using a DNS domain name, nor does it allow
           the specification of zone indexes.  Therefore, the
           type of address must be one of: 'ipv4' or 'ipv6'."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 and table 126."
    ::= { t11FcSpPoNaIpMgmtEntry 2 }
        
           The FC-SP specification does not allow this address to
           be specified using a DNS domain name, nor does it allow
           the specification of zone indexes.  Therefore, the
           type of address must be one of: 'ipv4' or 'ipv6'."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 and table 126."
    ::= { t11FcSpPoNaIpMgmtEntry 2 }
        

t11FcSpPoNaIpMgmtEntryNameLow OBJECT-TYPE SYNTAX InetAddress (SIZE(4 | 16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The lower end of an Internet address range. The type of this address is given by the corresponding instance of t11FcSpPoNaIpMgmtEntryNameType.

T11FCSPONAIPMGMtentryNameLow对象类型语法InetAddress(大小(4 | 16))MAX-ACCESS not ACCESS STATUS current DESCRIPTION“Internet地址范围的下限。此地址的类型由T11FCSPONAIPMtentryNameType的相应实例给出。

           The combination of t11FcSpPoNaIpMgmtEntryNameType,
           t11FcSpPoNaIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 and table 126."
    ::= { t11FcSpPoNaIpMgmtEntry 3 }
        
           The combination of t11FcSpPoNaIpMgmtEntryNameType,
           t11FcSpPoNaIpMgmtNameLow, and t11FcSpPoIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 and table 126."
    ::= { t11FcSpPoNaIpMgmtEntry 3 }
        

t11FcSpPoNaIpMgmtEntryNameHigh OBJECT-TYPE SYNTAX InetAddress (SIZE(4 | 16))

T11FCSPONAIPMGMtentryNameHigh对象类型语法InetAddress(大小(4 | 16))

MAX-ACCESS not-accessible STATUS current DESCRIPTION "The higher end of an Internet address range. The type of this address is given by the corresponding instance of t11FcSpPoNaIpMgmtEntryNameType.

MAX-ACCESS not ACCESS STATUS current DESCRIPTION“Internet地址范围的高端。此地址的类型由T11FCSPONAIPMGMENTRYNAMETYPE的相应实例给出。

           The combination of t11FcSpPoNaIpMgmtEntryNameType,
           t11FcSpPoNaIpMgmtNameLow, and t11FcSpPoNaIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 and table 126."
    ::= { t11FcSpPoNaIpMgmtEntry 4 }
        
           The combination of t11FcSpPoNaIpMgmtEntryNameType,
           t11FcSpPoNaIpMgmtNameLow, and t11FcSpPoNaIpMgmtNameHigh
           specify the Internet address range of this IP Management
           Entry in the IP Management List Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 7.1.7.1 and table 126."
    ::= { t11FcSpPoNaIpMgmtEntry 4 }
        

t11FcSpPoNaIpMgmtWkpIndex OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "This object identifies the restrictions for IP management access by IP hosts in this range of IP addresses.

T11FCSPONAIPMGMTWKPINDEX对象类型语法Unsigned32(0..4294967295)MAX-ACCESS read create STATUS current DESCRIPTION“此对象标识此IP地址范围内IP主机对IP管理访问的限制。

           The restrictions are specified as the set of Well-Known
           Protocols Access Descriptors contained in those rows of the
           t11FcSpPoNaWkpDescrTable for which the value of
           t11FcSpPoNaWkpDescrSpecifierIndx is the same as the value
           of this object.  If there are no such rows or if the value
           of this object is zero, then this IP Management Entry does
           not identify any Well-Known Protocols Access restrictions."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and tables 127/129."
    ::= { t11FcSpPoNaIpMgmtEntry 5 }
        
           The restrictions are specified as the set of Well-Known
           Protocols Access Descriptors contained in those rows of the
           t11FcSpPoNaWkpDescrTable for which the value of
           t11FcSpPoNaWkpDescrSpecifierIndx is the same as the value
           of this object.  If there are no such rows or if the value
           of this object is zero, then this IP Management Entry does
           not identify any Well-Known Protocols Access restrictions."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and tables 127/129."
    ::= { t11FcSpPoNaIpMgmtEntry 5 }
        

t11FcSpPoNaIpMgmtAttribute OBJECT-TYPE SYNTAX T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read-create STATUS current DESCRIPTION "The name of a non-active Attribute Policy Object that is defined for this IP Management entry. The zero-length string indicates that no non-active Attribute Policy Object is defined for it.

T11FCSPONAIPMGMTATTribute对象类型语法T11FcSpAlphaNumNameOrAbsent MAX-ACCESS read create STATUS current DESCRIPTION“为此IP管理条目定义的非活动属性策略对象的名称。零长度字符串表示未为其定义非活动属性策略对象。

           The effect of having no rows in the t11FcSpPoNaAttribTable
           for which the value of t11FcSpPoNaAttribName is the same
           as the value of this object, is the same as this object's
           value being the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 128."
    ::= { t11FcSpPoNaIpMgmtEntry 6 }
        
           The effect of having no rows in the t11FcSpPoNaAttribTable
           for which the value of t11FcSpPoNaAttribName is the same
           as the value of this object, is the same as this object's
           value being the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 128."
    ::= { t11FcSpPoNaIpMgmtEntry 6 }
        
t11FcSpPoNaIpMgmtRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaIpMgmtEntry 7 }
        
t11FcSpPoNaIpMgmtRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaIpMgmtEntry 7 }
        

-- -- Non-Active Well-Known Protocol Access Descriptors --

----非活动的已知协议访问描述符--

t11FcSpPoNaWkpDescrTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaWkpDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of the Well-Known Protocol Access Descriptors referenced from non-active Policy Objects.

T11FCSPONAWKPDESCRTABLE对象类型T11FCSPONAWKPDESCRENTRY MAX-ACCESS not ACCESS STATUS current DESCRATION“从非活动策略对象引用的已知协议访问描述符表。

A Well-Known Protocol Access Specifier is a list of Well-Known Protocol Access Descriptors each of which specifies a protocol number, a port number, and/or various flags specifying how IP management access is restricted.

众所周知的协议访问说明符是众所周知的协议访问说明符的列表,每个说明符指定协议号、端口号和/或指定如何限制IP管理访问的各种标志。

           A non-active Well-Known Protocol Transport Access Specifier
           is represented by all rows of this table that have the same
           values of fcmInstanceIndex, t11FcSpPoFabricIndex, and
           t11FcSpPoNaWkpDescrSpecifierIndx."
    ::= { t11FcSpPoNonActive 8 }
        
           A non-active Well-Known Protocol Transport Access Specifier
           is represented by all rows of this table that have the same
           values of fcmInstanceIndex, t11FcSpPoFabricIndex, and
           t11FcSpPoNaWkpDescrSpecifierIndx."
    ::= { t11FcSpPoNonActive 8 }
        

t11FcSpPoNaWkpDescrEntry OBJECT-TYPE SYNTAX T11FcSpPoNaWkpDescrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Well-Known

T11FCSPONAWKPDESCRENTRY对象类型语法T11FCSPONAWKPDESCRENTRY MAX-ACCESS不可访问状态当前描述“每个条目包含一个已知的

Protocol Access Descriptor of a non-active Well-Known Protocol Access Specifier used within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

在由T11FCSPoFabricindex标识的结构内使用并在由fcmInstanceIndex标识的光纤通道管理实例内管理的非活动已知协议访问说明符的协议访问说明符。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaWkpDescrSpecifierIndx,
             t11FcSpPoNaWkpDescrIndex }
    ::= { t11FcSpPoNaWkpDescrTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaWkpDescrSpecifierIndx,
             t11FcSpPoNaWkpDescrIndex }
    ::= { t11FcSpPoNaWkpDescrTable 1 }
        
T11FcSpPoNaWkpDescrEntry ::= SEQUENCE {
    t11FcSpPoNaWkpDescrSpecifierIndx    Unsigned32,
    t11FcSpPoNaWkpDescrIndex            Unsigned32,
    t11FcSpPoNaWkpDescrFlags            BITS,
    t11FcSpPoNaWkpDescrWkpNumber        Unsigned32,
    t11FcSpPoNaWkpDescrDestPort         InetPortNumber,
    t11FcSpPoNaWkpDescrRowStatus        RowStatus
}
        
T11FcSpPoNaWkpDescrEntry ::= SEQUENCE {
    t11FcSpPoNaWkpDescrSpecifierIndx    Unsigned32,
    t11FcSpPoNaWkpDescrIndex            Unsigned32,
    t11FcSpPoNaWkpDescrFlags            BITS,
    t11FcSpPoNaWkpDescrWkpNumber        Unsigned32,
    t11FcSpPoNaWkpDescrDestPort         InetPortNumber,
    t11FcSpPoNaWkpDescrRowStatus        RowStatus
}
        
t11FcSpPoNaWkpDescrSpecifierIndx OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           non-active Well-Known Protocol Access Specifier within
           a Fabric."
    ::= { t11FcSpPoNaWkpDescrEntry 1 }
        
t11FcSpPoNaWkpDescrSpecifierIndx OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           non-active Well-Known Protocol Access Specifier within
           a Fabric."
    ::= { t11FcSpPoNaWkpDescrEntry 1 }
        
t11FcSpPoNaWkpDescrIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Well-Known Protocol Access Descriptor within a
           non-active Well-Known Protocol Access Specifier."
    ::= { t11FcSpPoNaWkpDescrEntry 2 }
        
t11FcSpPoNaWkpDescrIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Well-Known Protocol Access Descriptor within a
           non-active Well-Known Protocol Access Specifier."
    ::= { t11FcSpPoNaWkpDescrEntry 2 }
        

t11FcSpPoNaWkpDescrFlags OBJECT-TYPE SYNTAX BITS { allow(0), wkpWildcard(1), destPortWildcard(2), readOnly(3)

T11FCSPONAWKPDESCRFLAGS对象类型语法位{allow(0),wkpWildcard(1),destPortWildcard(2),readOnly(3)

} MAX-ACCESS read-create STATUS current DESCRIPTION "The flag bits that specify how access is to be limited by this Well-Known Protocol Access Descriptor:

}MAX-ACCESS read create STATUS current DESCRIPTION“指定如何通过此众所周知的协议访问描述符限制访问的标志位:

- allow -- IP management access using this protocol/port is allowed if this bit is set, and to be denied if this bit is not set.

- allow——如果设置了此位,则允许使用此协议/端口的IP管理访问,如果未设置此位,则拒绝访问。

- wkpWildcard -- if this bit is set, the IP Protocol number of the Well-Known Protocol to be allowed/denied is specified by the value of t11FcSpPoNaWkpDescrWkpNumber.

- wkpWildcard——如果设置了此位,则允许/拒绝的已知协议的IP协议号由T11FCSPONAWKPDESCRWKPNUMBER的值指定。

- destPortWildcard -- if this bit is set, the Destination (TCP/UDP) Port number of the Well-Known Protocol to be allowed/denied is specified by the value of t11FcSpPoNaWkpDescrDestPort.

- destPortWildcard——如果设置了此位,则允许/拒绝的已知协议的目标(TCP/UDP)端口号由T11FCSPONAWKPDESCRDESTPORT的值指定。

            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131."
    ::= { t11FcSpPoNaWkpDescrEntry 3 }
        
            - readOnly -- if this bit is set, then access is to be
              granted only for reading."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131."
    ::= { t11FcSpPoNaWkpDescrEntry 3 }
        
t11FcSpPoNaWkpDescrWkpNumber OBJECT-TYPE
    SYNTAX       Unsigned32 (0..255)
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "When the 'wkpWildcard' bit is set in the corresponding
           instance of t11FcSpPoNaWkpDescrFlags, this object specifies
           the IP protocol number of the Well-Known Protocol."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/protocol-numbers."
    ::= { t11FcSpPoNaWkpDescrEntry 4 }
        
t11FcSpPoNaWkpDescrWkpNumber OBJECT-TYPE
    SYNTAX       Unsigned32 (0..255)
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "When the 'wkpWildcard' bit is set in the corresponding
           instance of t11FcSpPoNaWkpDescrFlags, this object specifies
           the IP protocol number of the Well-Known Protocol."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/protocol-numbers."
    ::= { t11FcSpPoNaWkpDescrEntry 4 }
        

t11FcSpPoNaWkpDescrDestPort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS read-create STATUS current DESCRIPTION

T11FCSPONAWKPDescrdestPort对象类型语法InetPortNumber MAX-ACCESS读取创建状态当前描述

           "When the 'destPortWildcard' bit is set in the corresponding
           instance of t11FcSpPoNaWkpDescrFlags, this object specifies
           the Destination (TCP/UDP) Port number of the Well-Known
           Protocol.  When the 'destPortWildcard' bit is reset, this
           object is ignored (and can have the value zero)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/port-numbers."
    ::= { t11FcSpPoNaWkpDescrEntry 5 }
        
           "When the 'destPortWildcard' bit is set in the corresponding
           instance of t11FcSpPoNaWkpDescrFlags, this object specifies
           the Destination (TCP/UDP) Port number of the Well-Known
           Protocol.  When the 'destPortWildcard' bit is reset, this
           object is ignored (and can have the value zero)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.7.1 and table 131.
            - http://www.iana.org/assignments/port-numbers."
    ::= { t11FcSpPoNaWkpDescrEntry 5 }
        
t11FcSpPoNaWkpDescrRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaWkpDescrEntry 6 }
        
t11FcSpPoNaWkpDescrRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaWkpDescrEntry 6 }
        

-- -- Attribute Entries in Non-Active Attribute Policy Objects --

----非活动属性策略对象中的属性项--

t11FcSpPoNaAttribTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of the Attribute Policy Objects being used within non-active Policy Objects.

T11FCSPONAAttributeTable对象类型T11FCSPONAAttributeEntry MAX-ACCESS的语法序列不可访问状态当前描述“非活动策略对象中使用的属性策略对象的表。

           A non-active Attribute Policy Object is represented by all
           the Attribute Entries in this table that have the same
           value of t11FcSpPoNaAttribName."
    ::= { t11FcSpPoNonActive 9 }
        
           A non-active Attribute Policy Object is represented by all
           the Attribute Entries in this table that have the same
           value of t11FcSpPoNaAttribName."
    ::= { t11FcSpPoNonActive 9 }
        

t11FcSpPoNaAttribEntry OBJECT-TYPE SYNTAX T11FcSpPoNaAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Attribute Entry contained within an Attribute Policy Object that is non-active within the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPONAATTRIBENTRY对象类型语法T11FCSPONAATTRIBENTRY MAX-ACCESS不可访问状态当前说明“每个条目都包含有关属性策略对象中包含的一个属性条目的信息,该属性策略对象在由T11FCSPoFabriCindex标识的结构中处于非活动状态,并在由fcmInstanceIndex标识的光纤通道管理实例中进行管理。

For some types of Attribute Policy Objects, it is valuable to break out some semantically significant parts of the Policy Object's value into their own individual MIB objects; for example, to extract the one or more individual Authentication Protocol Identifiers and associated

对于某些类型的属性策略对象,将策略对象值的一些语义上重要的部分分解为各自的MIB对象是很有价值的;例如,提取一个或多个单独的认证协议标识符和关联的

Authentication Protocol Parameters out of an Attribute containing a 'AUTH_Negotiate Message Payload'. For such types, another MIB table is defined to hold the extracted values in MIB objects specific to the Attribute Policy Object's type. In such cases, the t11FcSpPoNaAttribExtension object in this table points to the other MIB table.

身份验证协议参数来自包含“AUTH_协商消息负载”的属性。对于此类类型,定义了另一个MIB表以保存特定于属性策略对象类型的MIB对象中提取的值。在这种情况下,此表中的T11FCSPONAATTribextension对象指向另一个MIB表。

If the value of one Attribute Entry is too large (more than 256 bytes) to be contained within the value of one instance of t11FcSpPoNaAttribValue, then one row in this table contains the first 256 bytes, and one (or more) other row(s) in this table contain the rest of the value.

如果一个属性项的值太大(超过256字节),无法包含在T11FCSPONAATTribValue的一个实例的值中,则此表中的一行包含前256字节,而此表中的一行(或多行)包含该值的其余部分。

           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaAttribName, t11FcSpPoNaAttribEntryIndex,
             t11FcSpPoNaAttribPartIndex }
    ::= { t11FcSpPoNaAttribTable 1 }
        
           The StorageType of a row in this table is specified by the
           instance of t11FcSpPoStorageType that is INDEX-ed by the
           same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaAttribName, t11FcSpPoNaAttribEntryIndex,
             t11FcSpPoNaAttribPartIndex }
    ::= { t11FcSpPoNaAttribTable 1 }
        
T11FcSpPoNaAttribEntry ::= SEQUENCE {
    t11FcSpPoNaAttribName         T11FcSpAlphaNumName,
    t11FcSpPoNaAttribEntryIndex   Unsigned32,
    t11FcSpPoNaAttribPartIndex    Unsigned32,
    t11FcSpPoNaAttribType         Unsigned32,
    t11FcSpPoNaAttribValue        OCTET STRING,
    t11FcSpPoNaAttribExtension    OBJECT IDENTIFIER,
    t11FcSpPoNaAttribRowStatus    RowStatus
}
        
T11FcSpPoNaAttribEntry ::= SEQUENCE {
    t11FcSpPoNaAttribName         T11FcSpAlphaNumName,
    t11FcSpPoNaAttribEntryIndex   Unsigned32,
    t11FcSpPoNaAttribPartIndex    Unsigned32,
    t11FcSpPoNaAttribType         Unsigned32,
    t11FcSpPoNaAttribValue        OCTET STRING,
    t11FcSpPoNaAttribExtension    OBJECT IDENTIFIER,
    t11FcSpPoNaAttribRowStatus    RowStatus
}
        

t11FcSpPoNaAttribName OBJECT-TYPE SYNTAX T11FcSpAlphaNumName MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of the Attribute Policy Object containing one or more Attribute Entries." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP),

T11FCSPONAAttributeName对象类型语法T11FcSpAlphaNumName MAX-ACCESS不可访问状态当前描述“包含一个或多个属性项的属性策略对象的名称。”参考“-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),

              February 2007, section 7.1.8.1 and table 133."
    ::= { t11FcSpPoNaAttribEntry 1 }
        
              February 2007, section 7.1.8.1 and table 133."
    ::= { t11FcSpPoNaAttribEntry 1 }
        
t11FcSpPoNaAttribEntryIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique value to distinguish this Attribute Entry
           from other Attribute Entries contained in the same
           Attribute Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 133/134."
    ::= { t11FcSpPoNaAttribEntry 2 }
        
t11FcSpPoNaAttribEntryIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique value to distinguish this Attribute Entry
           from other Attribute Entries contained in the same
           Attribute Policy Object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 133/134."
    ::= { t11FcSpPoNaAttribEntry 2 }
        

t11FcSpPoNaAttribPartIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "When the value of an Attribute Entry is shorter than 257 bytes, the whole value is contained in one instance of t11FcSpPoNaAttribValue, and the value of this object is 1.

T11FCSPONAAttributePartIndex对象类型语法Unsigned32(1..4294967295)MAX-ACCESS not accessible STATUS current DESCRIPTION“当属性项的值小于257字节时,整个值包含在T11FCSPONAAttributeValue的一个实例中,此对象的值为1。

           If the value of an Attribute Entry is longer than 256 bytes,
           then that value is divided up on 256-byte boundaries such
           that all parts are 256 bytes long except the last part which
           is shorter if necessary, with each such part contained in
           a separate row of this table, and the value of this object
           is set to the part number.  That is, this object has the
           value of 1 for bytes 0-255, the value of 2 for bytes
           256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 134/135."
    ::= { t11FcSpPoNaAttribEntry 3 }
        
           If the value of an Attribute Entry is longer than 256 bytes,
           then that value is divided up on 256-byte boundaries such
           that all parts are 256 bytes long except the last part which
           is shorter if necessary, with each such part contained in
           a separate row of this table, and the value of this object
           is set to the part number.  That is, this object has the
           value of 1 for bytes 0-255, the value of 2 for bytes
           256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.1.8.1, tables 134/135."
    ::= { t11FcSpPoNaAttribEntry 3 }
        

t11FcSpPoNaAttribType OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of attribute. The first type to be defined is:

T11FCSPONAAttributeType对象类型语法Unsigned32(1..4294967295)MAX-ACCESS read create STATUS current DESCRIPTION“属性的类型。要定义的第一个类型是:

t11FcSpPoNaAttribType t11FcSpPoNaAttribValue

T11FCSPONAAttributeType T11FCSPONAAttributeValue

           =====================    ======================
             '00000001'h          The AUTH_Negotiate Message Payload
           "
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoNaAttribEntry 4 }
        
           =====================    ======================
             '00000001'h          The AUTH_Negotiate Message Payload
           "
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoNaAttribEntry 4 }
        

t11FcSpPoNaAttribValue OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..256)) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of an Attribute Entry is divided up on 256-byte boundaries such that all parts are 256 bytes long except the last part, which is shorter if necessary, and each such part is contained in a separate instance of this object.

T11FCSPONAAttributeValue对象类型语法八位字节字符串(大小(0..256))最大访问读取创建状态当前说明属性项的值按256字节的边界进行划分,这样除最后一部分(如有必要,最后一部分较短)外,所有部分的长度均为256字节,并且每个这样的部分都包含在此对象的单独实例中。

           When the value of the corresponding instance of
           t11FcSpPoNaAttribExtension is not zeroDotZero, then the same
           underlying management data has its value contained both in
           this object and in the individual/broken-out parts pointed
           to by t11FcSpPoNaAttribExtension.  Thus, after any
           modification of the underlying management data, e.g., after
           a Set operation to the value of either MIB representation,
           then that modification is reflected in the values of both
           MIB representations."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoNaAttribEntry 5 }
        
           When the value of the corresponding instance of
           t11FcSpPoNaAttribExtension is not zeroDotZero, then the same
           underlying management data has its value contained both in
           this object and in the individual/broken-out parts pointed
           to by t11FcSpPoNaAttribExtension.  Thus, after any
           modification of the underlying management data, e.g., after
           a Set operation to the value of either MIB representation,
           then that modification is reflected in the values of both
           MIB representations."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP), February 2007,
              section 7.1.8.1, tables 134/135 and table 10."
    ::= { t11FcSpPoNaAttribEntry 5 }
        

t11FcSpPoNaAttribExtension OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "For some types of Attribute Policy Object, the value of this MIB object points to type-specific MIB objects that contain individual/broken-out parts of the Attribute Policy Object's value. If this object doesn't point to such type-specific MIB objects, then it contains the value: zeroDotZero.

T11FCSPONAATTRIBEXTension对象类型语法对象标识符MAX-ACCESS只读状态当前说明对于某些类型的属性策略对象,此MIB对象的值指向特定于类型的MIB对象,这些MIB对象包含属性策略对象值的各个/分解部分。如果此对象不指向此类特定于类型的MIB对象,则它包含值:zeroDotZero。

In particular, when the value of t11FcSpPoNaAttribType indicates 'AUTH_Negotiate Message Payload', one or more

特别是,当T11FCSPONAAttributeType的值指示“AUTH_协商消息负载”时,一个或多个

Authentication Protocol Identifiers and their associated Authentication Protocol Parameters are embedded within the value of the corresponding instance of t11FcSpPoNaAttribValue; MIB objects to contain these individual values are defined in the t11FcSpPoAuthProtTable. Thus, for an 'AUTH_Negotiate Message Payload' Attribute, the value of this object would contain the OID of t11FcSpPoNaAuthProtTable.

身份验证协议标识符及其关联的身份验证协议参数嵌入在t11fcsponaattribValue的对应实例的值中;包含这些单独值的MIB对象在T11FCSPOAuthProtTable中定义。因此,对于“AUTH_协商消息负载”属性,此对象的值将包含T11FCSPONAAuthProttable的OID。

           When the value of this object is not zeroDotZero, then the
           same underlying management data has its value contained in
           both the individual/broken-out parts pointed to by this
           object and in the corresponding instance of
           t11FcSpPoNaAttribValue.  Thus, after any modification of the
           underlying management data, e.g., after a Set operation to
           the value of either MIB representation, then that
           modification is reflected in the values of both MIB
           representations."
    ::= { t11FcSpPoNaAttribEntry 6 }
        
           When the value of this object is not zeroDotZero, then the
           same underlying management data has its value contained in
           both the individual/broken-out parts pointed to by this
           object and in the corresponding instance of
           t11FcSpPoNaAttribValue.  Thus, after any modification of the
           underlying management data, e.g., after a Set operation to
           the value of either MIB representation, then that
           modification is reflected in the values of both MIB
           representations."
    ::= { t11FcSpPoNaAttribEntry 6 }
        
t11FcSpPoNaAttribRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaAttribEntry 7 }
        
t11FcSpPoNaAttribRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaAttribEntry 7 }
        

-- -- Auth. Protocol Parameters in Non-Active Attribute Policy Objects --

----啊。非活动属性策略对象中的协议参数--

t11FcSpPoNaAuthProtTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpPoNaAuthProtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Authentication Protocol Identifier and Authentication Protocol Parameters that are embedded in Attribute Policy Objects being used within non-active Policy Objects.

T11FCSPONAAuthProtTable对象类型T11FCSPONAAuthProtEntry MAX-ACCESS的语法序列不可访问状态当前描述“嵌入在非活动策略对象中使用的属性策略对象中的身份验证协议标识符和身份验证协议参数表。

This table is used for Attribute Entries of Attribute Policy Objects for which the value of t11FcSpPoNaAttribType indicates 'AUTH_Negotiate Message Payload' and the value of t11FcSpPoNaAttribExtension contains the OID of this table." REFERENCE

此表用于属性策略对象的属性项,对于这些对象,T11FCSPONAAttributeType的值表示“AUTH_协商消息负载”,T11FCSPONAAttributeExtension的值包含此表的OID。“参考

           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 5.3.2 & 7.1.8.1,
              tables 134/135 and tables 10/11."
    ::= { t11FcSpPoNonActive 10 }
        
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 5.3.2 & 7.1.8.1,
              tables 134/135 and tables 10/11."
    ::= { t11FcSpPoNonActive 10 }
        

t11FcSpPoNaAuthProtEntry OBJECT-TYPE SYNTAX T11FcSpPoNaAuthProtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each row contains information about an Authentication Protocol that is extracted out of the Attribute Entry (identified by t11FcSpPoNaAttribEntryIndex) of the non-active Policy Attribute Object (identified by t11FcSpPoNaAttribName) for the Fabric identified by t11FcSpPoFabricIndex and managed within the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCSPONAAuthProtentry对象类型语法T11FCSPONAAuthProtentry MAX-ACCESS不可访问状态当前描述“每行包含有关从非活动策略属性对象的属性项(由T11FCSPONAAttribentyIndex标识)中提取的身份验证协议的信息(由T11FCSPONAAttribName标识)用于由T11FCSPOPOFFAbricindex标识并在由fcmInstanceIndex标识的光纤通道管理实例内管理的结构。

If the value of one Attribute Protocol Parameters string is too large (more than 256 bytes) to be contained within the value of one instance of t11FcSpPoNaAuthProtParams, then one row in this table contains the first 256 bytes, and one (or more) other row(s) in this table contain the rest of the value.

如果一个属性协议参数字符串的值太大(超过256字节),无法包含在T11FCSPONAAuthProtParams的一个实例的值中,则此表中的一行包含前256个字节,而此表中的一行(或多行)包含该值的其余部分。

           The same underlying management data that is represented in
           rows of this table is also represented by the corresponding
           instances of t11FcSpPoNaAttribValue.  Thus, after any
           modification of the underlying management data, e.g., after
           a Set operation to the value of either MIB representation,
           then that modification is reflected in the values of both
           MIB representations."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaAttribName, t11FcSpPoNaAttribEntryIndex,
             t11FcSpPoNaAuthProtIdentifier,
             t11FcSpPoNaAuthProtPartIndex }
    ::= { t11FcSpPoNaAuthProtTable 1 }
        
           The same underlying management data that is represented in
           rows of this table is also represented by the corresponding
           instances of t11FcSpPoNaAttribValue.  Thus, after any
           modification of the underlying management data, e.g., after
           a Set operation to the value of either MIB representation,
           then that modification is reflected in the values of both
           MIB representations."
    INDEX  { fcmInstanceIndex, t11FcSpPoFabricIndex,
             t11FcSpPoNaAttribName, t11FcSpPoNaAttribEntryIndex,
             t11FcSpPoNaAuthProtIdentifier,
             t11FcSpPoNaAuthProtPartIndex }
    ::= { t11FcSpPoNaAuthProtTable 1 }
        
T11FcSpPoNaAuthProtEntry ::= SEQUENCE {
    t11FcSpPoNaAuthProtIdentifier   Unsigned32,
    t11FcSpPoNaAuthProtPartIndex    Unsigned32,
    t11FcSpPoNaAuthProtParams       OCTET STRING,
    t11FcSpPoNaAuthProtRowStatus    RowStatus
}
        
T11FcSpPoNaAuthProtEntry ::= SEQUENCE {
    t11FcSpPoNaAuthProtIdentifier   Unsigned32,
    t11FcSpPoNaAuthProtPartIndex    Unsigned32,
    t11FcSpPoNaAuthProtParams       OCTET STRING,
    t11FcSpPoNaAuthProtRowStatus    RowStatus
}
        

t11FcSpPoNaAuthProtIdentifier OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295)

T11FCSPONAAuthProtIdentifier对象类型语法Unsigned32(0..4294967295)

MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Authentication Protocol Identifier:

MAX-ACCESS不可访问状态当前描述“身份验证协议标识符:

1 = DH-CHAP 3 = FCPAP 4 = IKEv2 5 = IKEv2-AUTH 240 thru 255 = Vendor Specific Protocols

1=DH-CHAP 3=FCPAP 4=IKEv2 5=IKEv2认证240至255=供应商特定协议

            all other values are 'Reserved' (by T11)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 11."
    ::= { t11FcSpPoNaAuthProtEntry 1 }
        
            all other values are 'Reserved' (by T11)."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 11."
    ::= { t11FcSpPoNaAuthProtEntry 1 }
        

t11FcSpPoNaAuthProtPartIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "When the value of an Attribute Protocol Parameters string is shorter than 257 bytes, the whole value is contained in one instance of t11FcSpPoNaAuthProtParams, and the value of this object is 1. (This includes the case when the Attribute Protocol Parameters string is zero bytes in length.)

T11FCSPONAAuthProtPartIndex对象类型语法Unsigned32(1..4294967295)MAX-ACCESS不可访问状态当前描述“当属性协议参数字符串的值小于257字节时,整个值包含在T11FCSPONAAuthProtParams的一个实例中,此对象的值为1。(这包括属性协议参数字符串长度为零字节的情况。)

           If the value of an Authentication Protocol Parameters string
           is longer than 256 bytes, then that value is divided up on
           256-byte boundaries such that all parts are 256 bytes long
           except the last part, which is shorter if necessary, with
           each such part contained in a separate row of this table,
           and the value of this object is set to the part number.
           That is, this object has the value of 1 for bytes 0-255,
           the value of 2 for bytes 256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoNaAuthProtEntry 2 }
        
           If the value of an Authentication Protocol Parameters string
           is longer than 256 bytes, then that value is divided up on
           256-byte boundaries such that all parts are 256 bytes long
           except the last part, which is shorter if necessary, with
           each such part contained in a separate row of this table,
           and the value of this object is set to the part number.
           That is, this object has the value of 1 for bytes 0-255,
           the value of 2 for bytes 256-511, etc."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoNaAuthProtEntry 2 }
        

t11FcSpPoNaAuthProtParams OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..256)) MAX-ACCESS read-create STATUS current DESCRIPTION

T11FCSPONAAuthProtParams对象类型语法八位字节字符串(大小(0..256))最大访问读取创建状态当前说明

           "The value of an Authentication Protocol Parameters string
           is divided up on 256-byte boundaries such that all parts
           are 256 bytes long except the last part, which is shorter
           if necessary, and each such part is contained in a
           separate instance of this object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoNaAuthProtEntry 3 }
        
           "The value of an Authentication Protocol Parameters string
           is divided up on 256-byte boundaries such that all parts
           are 256 bytes long except the last part, which is shorter
           if necessary, and each such part is contained in a
           separate instance of this object."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 5.3.2, table 10."
    ::= { t11FcSpPoNaAuthProtEntry 3 }
        
t11FcSpPoNaAuthProtRowStatus  OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaAuthProtEntry 4 }
        
t11FcSpPoNaAuthProtRowStatus  OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpPoNaAuthProtEntry 4 }
        

-- -- Part 4 - Statistics --

----第4部分-统计--

t11FcSpPoStatsTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of statistics maintained by FC-SP Security
           Policy Servers."
    ::= { t11FcSpPoStatistics 1 }
        
t11FcSpPoStatsTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of statistics maintained by FC-SP Security
           Policy Servers."
    ::= { t11FcSpPoStatistics 1 }
        
t11FcSpPoStatsEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of statistics for the FC-SP Security Policy Server on
           the Fabric identified by the value of t11FcSpPoFabricIndex,
           and managed within the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX   { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoStatsTable 1 }
        
t11FcSpPoStatsEntry OBJECT-TYPE
    SYNTAX       T11FcSpPoStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of statistics for the FC-SP Security Policy Server on
           the Fabric identified by the value of t11FcSpPoFabricIndex,
           and managed within the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX   { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoStatsTable 1 }
        
T11FcSpPoStatsEntry ::= SEQUENCE {
    t11FcSpPoInRequests     Counter32,
    t11FcSpPoInAccepts      Counter32,
        
T11FcSpPoStatsEntry ::= SEQUENCE {
    t11FcSpPoInRequests     Counter32,
    t11FcSpPoInAccepts      Counter32,
        

t11FcSpPoInRejects Counter32 }

T11FCSPOInRejects计数器32}

t11FcSpPoInRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of FC-SP Policy Management Requests (e.g., GPS, APS, etc.) received by this FC-SP Security Policy Server on this Fabric.

T11FCSPOInRequests对象类型语法计数器32 MAX-ACCESS只读状态当前描述“此FC-SP安全策略服务器在此结构上接收的FC-SP策略管理请求(例如GPS、AP等)的数量。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3."
    ::= { t11FcSpPoStatsEntry 1 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3."
    ::= { t11FcSpPoStatsEntry 1 }
        

t11FcSpPoInAccepts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that this FC-SP Security Policy Server sent an Accept CT_IU on this Fabric in response to a received FC-SP Policy Management Request (e.g., GPS, APS, etc.).

T11FCSPOINACEPTS对象类型语法计数器32 MAX-ACCESS只读状态当前描述“此FC-SP安全策略服务器响应接收到的FC-SP策略管理请求(例如GPS、APS等)在此结构上发送接受CT_IU的次数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3."
    ::= { t11FcSpPoStatsEntry 2 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3."
    ::= { t11FcSpPoStatsEntry 2 }
        

t11FcSpPoInRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that this FC-SP Security Policy Server sent a Reject CT_IU on this Fabric in response to a received FC-SP Policy Management Request (e.g., GPS, APS, etc.).

T11FCSPOInRejects对象类型语法计数器32 MAX-ACCESS只读状态当前描述“此FC-SP安全策略服务器响应接收到的FC-SP策略管理请求(例如GPS、APS等)在此结构上发送拒绝CT_IU的次数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3."
    ::= { t11FcSpPoStatsEntry 3 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3."
    ::= { t11FcSpPoStatsEntry 3 }
        

-- -- Part 5 - Control Information & Notifications --

----第5部分-控制信息和通知--

-- -- Control Information --

----控制信息--

t11FcSpPoServerAddress OBJECT-TYPE
    SYNTAX       FcNameIdOrZero
    MAX-ACCESS   accessible-for-notify
    STATUS       current
    DESCRIPTION
           "The WWN of the FC-SP Security Policy Server that
           received a request that is referenced in a
           notification."
    ::= { t11FcSpPoControl 1 }
        
t11FcSpPoServerAddress OBJECT-TYPE
    SYNTAX       FcNameIdOrZero
    MAX-ACCESS   accessible-for-notify
    STATUS       current
    DESCRIPTION
           "The WWN of the FC-SP Security Policy Server that
           received a request that is referenced in a
           notification."
    ::= { t11FcSpPoControl 1 }
        
t11FcSpPoControlTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control information, including the memory
           realization of FC-SP Policy Databases, and concerning
           the generation of notifications due to FC-SP
           Policy-related events."
    ::= { t11FcSpPoControl 2 }
        
t11FcSpPoControlTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpPoControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control information, including the memory
           realization of FC-SP Policy Databases, and concerning
           the generation of notifications due to FC-SP
           Policy-related events."
    ::= { t11FcSpPoControl 2 }
        

t11FcSpPoControlEntry OBJECT-TYPE SYNTAX T11FcSpPoControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains control information specific to FC-SP Policy and Policy-related events for the Fabric identified by the value of t11FcSpPoFabricIndex, and managed within the Fibre Channel management instance identified by fcmInstanceIndex."

T11FCSPoControlEntry对象类型语法T11FCSPoControlEntry最大访问权限不可访问状态当前说明“每个条目都包含特定于由T11FCSPoFabricindex值标识的结构的FC-SP策略和策略相关事件的控制信息,并在由fcmInstanceIndex标识的光纤通道管理实例中进行管理。”

    INDEX   { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoControlTable 1 }
        
    INDEX   { fcmInstanceIndex, t11FcSpPoFabricIndex }
    ::= { t11FcSpPoControlTable 1 }
        
T11FcSpPoControlEntry ::= SEQUENCE {
     t11FcSpPoStorageType              StorageType,
     t11FcSpPoNotificationEnable       TruthValue,
     t11FcSpPoLastNotifyType           INTEGER,
     t11FcSpPoRequestSource            FcNameIdOrZero,
     t11FcSpPoReasonCode               T11NsGs4RejectReasonCode,
     t11FcSpPoCtCommandString          OCTET STRING,
     t11FcSpPoReasonCodeExp            Unsigned32,
     t11FcSpPoReasonVendorCode         OCTET STRING
}
        
T11FcSpPoControlEntry ::= SEQUENCE {
     t11FcSpPoStorageType              StorageType,
     t11FcSpPoNotificationEnable       TruthValue,
     t11FcSpPoLastNotifyType           INTEGER,
     t11FcSpPoRequestSource            FcNameIdOrZero,
     t11FcSpPoReasonCode               T11NsGs4RejectReasonCode,
     t11FcSpPoCtCommandString          OCTET STRING,
     t11FcSpPoReasonCodeExp            Unsigned32,
     t11FcSpPoReasonVendorCode         OCTET STRING
}
        

t11FcSpPoStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the memory realization of FC-SP Policy Objects and related information for a particular Fabric; specifically, for:

T11FCSPostorageType对象类型语法StorageType MAX-ACCESS读写状态当前描述“此对象指定FC-SP策略对象的内存实现以及特定结构的相关信息;具体而言,用于:

- rows created and/or modified for the particular Fabric in these tables:

- 为这些表中的特定结构创建和/或修改的行:

t11FcSpPoNaSummaryTable t11FcSpPoNaSwListTable t11FcSpPoNaSwMembTable t11FcSpPoNaNoMembTable t11FcSpPoNaCtDescrTable t11FcSpPoNaSwConnTable t11FcSpPoNaIpMgmtTable t11FcSpPoNaWkpDescrTable t11FcSpPoNaAttribTable

T11FCPONASUmmary表T11FCPONASUWListable T11FCPONASWEMBTable T11FCPONANOMEMBTable T11FCPONASWCONTABLE T11FCPONASWCONTABLE T11FCPONAIPMGMTTABLE T11FCPONAWKP可描述T11FCPONAA属性表

- the activate and deactivate actions invoked through the t11FcSpPoOperActivate and t11FcSpPoOperDeActivate objects for the particular Fabric; and

- 通过特定结构的T11FCSPooperActivate和T11FCSPooperDeactivate对象调用的激活和停用操作;和

- modified information contained in the same row as an instance of this object.

- 与此对象的实例位于同一行中的已修改信息。

           Even if an instance of this object has the value
           'permanent(4)', none of the information defined in
           this MIB module for the given Fabric needs to be
           writable."
    ::= { t11FcSpPoControlEntry 1 }
        
           Even if an instance of this object has the value
           'permanent(4)', none of the information defined in
           this MIB module for the given Fabric needs to be
           writable."
    ::= { t11FcSpPoControlEntry 1 }
        

t11FcSpPoNotificationEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether the following types of notifications:

T11FCPonotificationEnable对象类型语法TruthValue MAX-ACCESS读写状态当前描述“此对象指定以下类型的通知:

t11FcSpPoNotifyActivation, t11FcSpPoNotifyActivateFail, t11FcSpPoNotifyDeactivation and t11FcSpPoNotifyDeactivateFail

T11FCPonotifyActivation、T11FCPonotifyActivateFail、T11FCPonotifyDeactivation和T11FCPonotifyDeactivateFail

           should be generated for this Fabric."
    ::= { t11FcSpPoControlEntry 2 }
        
           should be generated for this Fabric."
    ::= { t11FcSpPoControlEntry 2 }
        
t11FcSpPoLastNotifyType OBJECT-TYPE
    SYNTAX       INTEGER {
                     none(1),
                     activation(2),
                     activateFail(3),
                     deactivation(4),
                     deactivateFail(5)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "An indication of which of the following types of
           notification is currently being/was most recently
           generated for the Fabric:
        
t11FcSpPoLastNotifyType OBJECT-TYPE
    SYNTAX       INTEGER {
                     none(1),
                     activation(2),
                     activateFail(3),
                     deactivation(4),
                     deactivateFail(5)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "An indication of which of the following types of
           notification is currently being/was most recently
           generated for the Fabric:
        

'activation' -- t11FcSpPoNotifyActivation 'activateFail' -- t11FcSpPoNotifyActivateFail 'deactivation' -- t11FcSpPoNotifyDeactivation 'deactivateFail' -- t11FcSpPoNotifyDeactivateFail

“激活”-T11FCPonotifyActivation“activateFail”-T11FCPonotifyActivateFail“失活”-T11FCPonotifyDeactivateFail“失活”-T11FCPonotifyDeactivateFail

           The value 'none' indicates that none of these types of
           notifications have been generated since the last restart
           of the network management system, and therefore that the
           corresponding instances of: t11FcSpPoRequestSource,
           t11FcSpPoReasonCode, t11FcSpPoCtCommandString,
           t11FcSpPoReasonCodeExp, and
           t11FcSpPoReasonVendorCode are irrelevant."
    ::= { t11FcSpPoControlEntry 3 }
        
           The value 'none' indicates that none of these types of
           notifications have been generated since the last restart
           of the network management system, and therefore that the
           corresponding instances of: t11FcSpPoRequestSource,
           t11FcSpPoReasonCode, t11FcSpPoCtCommandString,
           t11FcSpPoReasonCodeExp, and
           t11FcSpPoReasonVendorCode are irrelevant."
    ::= { t11FcSpPoControlEntry 3 }
        

t11FcSpPoRequestSource OBJECT-TYPE SYNTAX FcNameIdOrZero MAX-ACCESS read-only

T11FCSPOREQUESTSOURCE对象类型语法FcNameIdOrZero MAX-ACCESS只读

STATUS current DESCRIPTION "The WWN of the source of the (Activate Policy Summary or Deactivate Policy Summary) request for which the current/most recent notification of the type indicated by the corresponding instance of t11FcSpPoLastNotifyType is being/was generated.

STATUS current DESCRIPTION“为其生成T11FCSPLASTNOTIFYPE对应实例所指示类型的当前/最新通知的(激活策略摘要或停用策略摘要)请求源的WWN。

           If no source is available, the value of this object is
           the zero-length string."
    DEFVAL { "" }
    ::= { t11FcSpPoControlEntry 4 }
        
           If no source is available, the value of this object is
           the zero-length string."
    DEFVAL { "" }
    ::= { t11FcSpPoControlEntry 4 }
        

t11FcSpPoReasonCode OBJECT-TYPE SYNTAX T11NsGs4RejectReasonCode MAX-ACCESS read-only STATUS current DESCRIPTION "The reason code associated with the failure that is indicated when the value of the corresponding instance of t11FcSpPoLastNotifyType is 'activateFail' or 'deactivateFail'.

T11FCSPOREASONCODE对象类型语法T11NsGs4RejectReasonCode MAX-ACCESS只读状态当前描述“当T11FCSPROLASTNOTIFYPE的对应实例的值为“activateFail”或“deactivateFail”时指示的与故障相关联的原因代码。

           For other values of t11FcSpPoLastNotifyType, the value
           of this object is 'none(1)'."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2 & 7.3.6.3"
    ::= { t11FcSpPoControlEntry 5 }
        
           For other values of t11FcSpPoLastNotifyType, the value
           of this object is 'none(1)'."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2 & 7.3.6.3"
    ::= { t11FcSpPoControlEntry 5 }
        

t11FcSpPoCtCommandString OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The binary content of the failed request that is indicated when the value of the corresponding instance of t11FcSpPoLastNotifyType is 'activateFail' or 'deactivateFail'. The content of the request is formatted as an octet string (in network byte order) containing the CT_IU, as described in Table 2 of [FC-GS-5] (including the preamble).

T11FCSPOCOMMANDSTRING对象类型语法八位字节字符串(大小(0..255))最大访问只读状态当前说明“当T11FCSPolastNotifyType的对应实例的值为'activateFail'或'deactivateFail'时指示的失败请求的二进制内容。”。如[FC-GS-5](包括前导)表2所述,请求内容被格式化为包含CT_IU的八位字节字符串(以网络字节顺序)。

For other values of t11FcSpPoLastNotifyType, or if the CT_IU's content is unavailable, the value of this object is the zero-length string.

对于T11FCSPOLASTNOTIFYPE的其他值,或者如果CT_IU的内容不可用,则此对象的值为零长度字符串。

           When the length of this object is 255 octets, it
           contains the first 255 octets of the CT_IU (in
           network-byte order)."
    ::= { t11FcSpPoControlEntry 6 }
        
           When the length of this object is 255 octets, it
           contains the first 255 octets of the CT_IU (in
           network-byte order)."
    ::= { t11FcSpPoControlEntry 6 }
        

t11FcSpPoReasonCodeExp OBJECT-TYPE SYNTAX Unsigned32 (0..255) MAX-ACCESS read-only STATUS current DESCRIPTION "The reason code explanation associated with the failure that is indicated when the value of the corresponding instance of t11FcSpPoLastNotifyType is 'activateFail' or 'deactivateFail'.

T11FCSPOREASONCODEEXP对象类型语法Unsigned32(0..255)MAX-ACCESS只读状态当前描述“当T11FCSPROLASTNOTIFYPE的对应实例的值为“activateFail”或“deactivateFail”时,指示与故障相关的原因码解释。

           For other values of t11FcSpPoLastNotifyType, the value
           of this object is zero."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2 & 7.3.6.3"
    ::= { t11FcSpPoControlEntry 7 }
        
           For other values of t11FcSpPoLastNotifyType, the value
           of this object is zero."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2 & 7.3.6.3"
    ::= { t11FcSpPoControlEntry 7 }
        

t11FcSpPoReasonVendorCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0 | 1)) MAX-ACCESS read-only STATUS current DESCRIPTION "The vendor-specific reason code associated with the failure that is indicated when the value of the corresponding instance of t11FcSpPoLastNotifyType is 'activateFail' or 'deactivateFail'.

T11FCSPOREASONVORCODE对象类型语法八位字节字符串(大小(0 | 1))MAX-ACCESS只读状态当前描述“当T11FCSPOLASTNOTIFYPE的相应实例的值为“activateFail”或“deactivateFail”时,指示的与故障相关的供应商特定原因代码。

           For other values of t11FcSpPoLastNotifyType, or if no
           vendor-specific reason code is available, the value
           of this object is the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2 & 7.3.6.3"
    ::= { t11FcSpPoControlEntry 8 }
        
           For other values of t11FcSpPoLastNotifyType, or if no
           vendor-specific reason code is available, the value
           of this object is the zero-length string."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2 & 7.3.6.3"
    ::= { t11FcSpPoControlEntry 8 }
        

-- -- Notification definitions --

----通知定义--

t11FcSpPoNotifyActivation NOTIFICATION-TYPE OBJECTS { t11FcSpPoServerAddress,

T11FCSPonotifyActivation通知类型对象{T11FCSPoserverAddress,

                   t11FcSpPoPolicySummaryObjName,
                   t11FcSpPoRequestSource }
    STATUS       current
    DESCRIPTION
           "This notification is generated whenever a Security
           Policy Server (indicated by the value of
           t11FcSpPoServerAddress) successfully completes the
           execution of an Activate Policy Summary request.
           The value of t11FcSpPoRequestSource indicates
           the source of the APS request.  The value of
           t11FcSpPoPolicySummaryObjName indicates the name of
           the activated Policy Summary Object."
    ::= { t11FcSpPoMIBNotifications 1 }
        
                   t11FcSpPoPolicySummaryObjName,
                   t11FcSpPoRequestSource }
    STATUS       current
    DESCRIPTION
           "This notification is generated whenever a Security
           Policy Server (indicated by the value of
           t11FcSpPoServerAddress) successfully completes the
           execution of an Activate Policy Summary request.
           The value of t11FcSpPoRequestSource indicates
           the source of the APS request.  The value of
           t11FcSpPoPolicySummaryObjName indicates the name of
           the activated Policy Summary Object."
    ::= { t11FcSpPoMIBNotifications 1 }
        

t11FcSpPoNotifyActivateFail NOTIFICATION-TYPE OBJECTS { t11FcSpPoServerAddress, t11FcSpPoRequestSource, t11FcSpPoCtCommandString, t11FcSpPoReasonCode, t11FcSpPoReasonCodeExp, t11FcSpPoReasonVendorCode } STATUS current DESCRIPTION "This notification is generated whenever a Security Policy Server (indicated by the value of t11FcSpPoServerAddress) fails to complete the execution of an Activate Policy Summary request.

T11FCSPONOTIFYACTIVATEFAIL通知类型对象{T11FCSPOSERADDRESS,T11FCSPOREQUESTSOURCE,T11FCSPORETCOMMANDSTRING,T11FCSPOREANCODE,T11FCSPOREANCODEEXP,T11FCSPOREANSONDORCODE}状态当前描述“每当安全策略服务器(由T11FCSPOSERADDRESS的值指示)时都会生成此通知”无法完成激活策略摘要请求的执行。

           The value of t11FcSpPoCtCommandString indicates the
           rejected request, and the values of t11FcSpPoReasonCode,
           t11FcSpPoReasonCodeExp, and t11FcSpPoReasonVendorCode
           indicate the reason for the rejection.  The value of
           t11FcSpPoRequestSource indicates the source of the
           request."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2."
    ::= { t11FcSpPoMIBNotifications 2 }
        
           The value of t11FcSpPoCtCommandString indicates the
           rejected request, and the values of t11FcSpPoReasonCode,
           t11FcSpPoReasonCodeExp, and t11FcSpPoReasonVendorCode
           indicate the reason for the rejection.  The value of
           t11FcSpPoRequestSource indicates the source of the
           request."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.2."
    ::= { t11FcSpPoMIBNotifications 2 }
        

t11FcSpPoNotifyDeactivation NOTIFICATION-TYPE OBJECTS { t11FcSpPoServerAddress, t11FcSpPoRequestSource } STATUS current DESCRIPTION "This notification is generated whenever a Security Policy Server (indicated by the value of t11FcSpPoServerAddress) successfully completes the

T11FCSPOnotifyDeactivation通知类型对象{T11FCSPOServerAddress,T11FCSPoreQuestSource}状态当前描述“每当安全策略服务器(由T11FCSPOServerAddress值指示)成功完成

           execution of a Deactivate Policy Summary request.
           The value of t11FcSpPoRequestSource indicates
           the source of the DPS request."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.3."
    ::= { t11FcSpPoMIBNotifications 3 }
        
           execution of a Deactivate Policy Summary request.
           The value of t11FcSpPoRequestSource indicates
           the source of the DPS request."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 7.3.6.3."
    ::= { t11FcSpPoMIBNotifications 3 }
        

t11FcSpPoNotifyDeactivateFail NOTIFICATION-TYPE OBJECTS { t11FcSpPoServerAddress, t11FcSpPoRequestSource, t11FcSpPoCtCommandString, t11FcSpPoReasonCode, t11FcSpPoReasonCodeExp, t11FcSpPoReasonVendorCode } STATUS current DESCRIPTION "This notification is generated whenever a Security Policy Server (indicated by the value of t11FcSpPoServerAddress) fails to complete the execution of a Deactivate Policy Summary request.

T11FCSPONOTIFYDEACTIVEFAIL通知类型对象{T11FCSPOSERADDRESS,T11FCSPOREQUESTSOURCE,T11FCSPORETCOMMANDSTRING,T11FCSPOREANCODE,T11FCSPOREANCODEEXP,T11FCSPOREANSONDORCODE}状态当前描述“每当安全策略服务器(由T11FCSPOSERADDRESS的值指示)时,都会生成此通知”无法完成停用策略摘要请求的执行。

           The value of t11FcSpPoCtCommandString indicates the
           rejected request, and the values of t11FcSpPoReasonCode,
           t11FcSpPoReasonCodeExp, and t11FcSpPoReasonVendorCode
           indicate the reason for the rejection.  The value of
           t11FcSpPoRequestSource indicates the source of the
           request."
    ::= { t11FcSpPoMIBNotifications 4 }
        
           The value of t11FcSpPoCtCommandString indicates the
           rejected request, and the values of t11FcSpPoReasonCode,
           t11FcSpPoReasonCodeExp, and t11FcSpPoReasonVendorCode
           indicate the reason for the rejection.  The value of
           t11FcSpPoRequestSource indicates the source of the
           request."
    ::= { t11FcSpPoMIBNotifications 4 }
        

-- -- Conformance --

----一致性--

t11FcSpPoMIBCompliances
                    OBJECT IDENTIFIER ::= { t11FcSpPoMIBConformance 1 }
t11FcSpPoMIBGroups  OBJECT IDENTIFIER ::= { t11FcSpPoMIBConformance 2 }
        
t11FcSpPoMIBCompliances
                    OBJECT IDENTIFIER ::= { t11FcSpPoMIBConformance 1 }
t11FcSpPoMIBGroups  OBJECT IDENTIFIER ::= { t11FcSpPoMIBConformance 2 }
        

t11FcSpPoMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that support the Fabric Policies defined in FC-SP,"

T11FCSPOMIBCompliance MODULE-COMPLIANCE STATUS当前描述“支持FC-SP中定义的结构策略的实体的符合性声明,”

MODULE -- this module MANDATORY-GROUPS { t11FcSpPoActiveObjectsGroup }

模块--此模块是必需的组{T11FCSPoActiveObjectsGroup}

GROUP t11FcSpPoNonActiveObjectsGroup DESCRIPTION "These objects are mandatory for FC-SP Security Policy Servers."

组T11FCPONONActiveObjectsGroup DESCRIPTION“这些对象对于FC-SP安全策略服务器是必需的。”

GROUP t11FcSpPoNotifyObjectsGroup DESCRIPTION "These objects are mandatory for FC-SP Security Policy Servers."

组T11FCPonotifyObjectsGroup DESCRIPTION“这些对象对于FC-SP安全策略服务器是必需的。”

GROUP t11FcSpPoNotificationGroup DESCRIPTION "These notifications are mandatory for FC-SP Security Policy Servers."

组T11FCSP通知组说明“这些通知对于FC-SP安全策略服务器是必需的。”

GROUP t11FcSpPoOperationsObjectsGroup DESCRIPTION "These objects are mandatory only for FC-SP Security Policy Servers that support the activation/deactivation of policies via SNMP."

组T11FCSPOOOperationsObjectsGroup DESCRIPTION“这些对象仅对于支持通过SNMP激活/停用策略的FC-SP安全策略服务器是必需的。”

GROUP t11FcSpPoStatsObjectsGroup DESCRIPTION "These objects are optional."

组T11FCPSPOSTATSObjectsGroup DESCRIPTION“这些对象是可选的。”

-- Write access is not required for any objects in this MIB module:

--此MIB模块中的任何对象都不需要写访问权限:

OBJECT t11FcSpPoOperActivate MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPOOPERACTIVE最小访问只读描述“不需要写访问。”

OBJECT t11FcSpPoOperDeActivate MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPOOPERDEACTIVE MIN-ACCESS只读描述“不需要写访问。”

OBJECT t11FcSpPoStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPostorageType MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNotificationEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPonotificationEnable最小访问只读描述“不需要写访问。”

        OBJECT       t11FcSpPoNaSummaryPolicyNameType
        
        OBJECT       t11FcSpPoNaSummaryPolicyNameType
        

MIN-ACCESS read-only DESCRIPTION "Write access is not required."

MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSummaryPolicyName MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASUMaryPolicyName最小访问只读描述“不需要写访问。”

OBJECT t11FcSpPoNaSummaryHashStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASUMARYHASHSTATUS MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSummaryRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASUMARYROWSTATUS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwListFabricName MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWListFabricName最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwListRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWLISTROWSTATUS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwMembFlags MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWMEMBFLAGS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwMembDomainID MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWMEMBDOMAIID最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwMembPolicyDataRole MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWMEMBPolicyDataRole最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwMembAuthBehaviour MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWMEMBAuthBehavior MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwMembAttribute MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWMEMBATTribute MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwMembRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWMEMBROWSTATUS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaNoMembFlags MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONANOMEMBFLAGS最小访问只读描述“不需要写访问。”

OBJECT t11FcSpPoNaNoMembCtAccessIndex MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONANOMEMBCTAccessIndex最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaNoMembAttribute MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONANOMEMBATTribute MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaNoMembRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONANOMEMBROWSTATUS MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaCtDescrFlags MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPONACTDESCRFLAGS最小访问只读描述“不需要写访问。”

OBJECT t11FcSpPoNaCtDescrGsType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPONACTDESCRGSTYPE最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaCtDescrGsSubType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPONACTDESCRGSUBTYPE MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaCtDescrRowStatus MIN-ACCESS read-only DESCRIPTION

对象T11FCPONACTDESCRROWSTATUS最小访问只读说明

"Write access is not required."

“不需要写访问权限。”

OBJECT t11FcSpPoNaSwConnAllowedNameType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWCONNALLOWEDNAMETYPE MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwConnAllowedName MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWCONNALLOWEDNAME MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaSwConnRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONASWCONNROWSTATUS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaIpMgmtWkpIndex MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAIPMGMTWKPINDEX MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaIpMgmtAttribute MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAIPMGMTATTribute MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaIpMgmtRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAIPMGMTROWSTATUS MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaWkpDescrFlags MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAWKPDESCRFLAGS最小访问只读描述“不需要写访问。”

OBJECT t11FcSpPoNaWkpDescrWkpNumber MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAWKPDESCRWKPNUMBER MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaWkpDescrDestPort MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAWKPDESCREDSTPORT MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaWkpDescrRowStatus

对象T11FCSPONAWKPDESCRROWSTATUS

MIN-ACCESS read-only DESCRIPTION "Write access is not required."

MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaAttribType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAAttributeType MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpPoNaAttribValue MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAAttributeValue最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaAttribRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAAttributeRowStatus最小访问只读描述“不需要写访问。”

OBJECT t11FcSpPoNaAuthProtParams MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAAuthProtParams最小访问只读说明“不需要写访问。”

OBJECT t11FcSpPoNaAuthProtRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPONAAuthProrowStatus最小访问只读描述“不需要写访问。”

    ::= { t11FcSpPoMIBCompliances 1 }
        
    ::= { t11FcSpPoMIBCompliances 1 }
        

-- Units of Conformance

--一致性单位

t11FcSpPoActiveObjectsGroup OBJECT-GROUP OBJECTS { t11FcSpPoPolicySummaryObjName, t11FcSpPoAdminFabricName, t11FcSpPoActivatedTimeStamp, t11FcSpPoSummaryPolicyType, t11FcSpPoSummaryHashFormat, t11FcSpPoSummaryHashValue, t11FcSpPoSwMembSwitchFlags, t11FcSpPoSwMembDomainID, t11FcSpPoSwMembPolicyDataRole, t11FcSpPoSwMembAuthBehaviour, t11FcSpPoSwMembAttribute, t11FcSpPoNoMembFlags, t11FcSpPoNoMembCtAccessIndex, t11FcSpPoNoMembAttribute,

T11FCSPoActiveObjectsGroup对象组对象{T11FCSPOPolicySummaryObjName、T11FCSPOPAdminFabricName、T11FCSPOPActivatedTimeStamp、T11FCSPOSUMmaryPolicyType、T11FCSPOSUMmaryHashFormat、T11FCSPOSUMmaryHashValue、T11FCSPOSWMembSwitchFlags、T11FCSPOSWMembDomainId、T11FCSPOSWMembPolicyDataRole、T11FCSPOSWMemBauthBehavior、T11FCSPOSPWembFlags、T11FCSPOSPMbomeMBCtAccessIndex,t11fcsponomembattribute,

                 t11FcSpPoCtDescrFlags,
                 t11FcSpPoCtDescrGsType,
                 t11FcSpPoCtDescrGsSubType,
                 t11FcSpPoSwConnAllowedNameType,
                 t11FcSpPoSwConnAllowedName,
                 t11FcSpPoIpMgmtWkpIndex,
                 t11FcSpPoIpMgmtAttribute,
                 t11FcSpPoWkpDescrFlags,
                 t11FcSpPoWkpDescrWkpNumber,
                 t11FcSpPoWkpDescrDestPort,
                 t11FcSpPoAttribType,
                 t11FcSpPoAttribValue,
                 t11FcSpPoAttribExtension,
                 t11FcSpPoAuthProtParams
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that contain information
           about active Policy Objects that express Fibre Channel
           Security (FC-SP) policy."
    ::= { t11FcSpPoMIBGroups 1 }
        
                 t11FcSpPoCtDescrFlags,
                 t11FcSpPoCtDescrGsType,
                 t11FcSpPoCtDescrGsSubType,
                 t11FcSpPoSwConnAllowedNameType,
                 t11FcSpPoSwConnAllowedName,
                 t11FcSpPoIpMgmtWkpIndex,
                 t11FcSpPoIpMgmtAttribute,
                 t11FcSpPoWkpDescrFlags,
                 t11FcSpPoWkpDescrWkpNumber,
                 t11FcSpPoWkpDescrDestPort,
                 t11FcSpPoAttribType,
                 t11FcSpPoAttribValue,
                 t11FcSpPoAttribExtension,
                 t11FcSpPoAuthProtParams
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that contain information
           about active Policy Objects that express Fibre Channel
           Security (FC-SP) policy."
    ::= { t11FcSpPoMIBGroups 1 }
        
t11FcSpPoOperationsObjectsGroup OBJECT-GROUP
    OBJECTS  {   t11FcSpPoOperActivate,
                 t11FcSpPoOperDeActivate,
                 t11FcSpPoOperResult,
                 t11FcSpPoOperFailCause
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that allow a new set of
           Fibre Channel Security (FC-SP) policies to be activated
           or an existing set to be deactivated."
    ::= { t11FcSpPoMIBGroups 2 }
        
t11FcSpPoOperationsObjectsGroup OBJECT-GROUP
    OBJECTS  {   t11FcSpPoOperActivate,
                 t11FcSpPoOperDeActivate,
                 t11FcSpPoOperResult,
                 t11FcSpPoOperFailCause
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that allow a new set of
           Fibre Channel Security (FC-SP) policies to be activated
           or an existing set to be deactivated."
    ::= { t11FcSpPoMIBGroups 2 }
        

t11FcSpPoNonActiveObjectsGroup OBJECT-GROUP OBJECTS { t11FcSpPoStorageType, t11FcSpPoNaSummaryPolicyNameType, t11FcSpPoNaSummaryPolicyName, t11FcSpPoNaSummaryHashStatus, t11FcSpPoNaSummaryHashFormat, t11FcSpPoNaSummaryHashValue, t11FcSpPoNaSummaryRowStatus, t11FcSpPoNaSwListFabricName, t11FcSpPoNaSwListRowStatus, t11FcSpPoNaSwMembFlags, t11FcSpPoNaSwMembDomainID, t11FcSpPoNaSwMembPolicyDataRole,

T11FCPONONActiveObjectsGroup对象组对象{T11FCPSpostOrageType,T11FCPSponasumaryPolicyName类型,T11FCPSponasumaryPolicyName,T11FCPSponasumaryHashStatus,T11FCponasumaryHashFormat,T11FCponasumaryHashValue,T11FCponasumaryRowStatus,T11FCponaswListRowStatus,T11FCponaswmembFlags,T11FCponaswmembDominId,T11FCponaswmbPolicyRowStatus,

                 t11FcSpPoNaSwMembAuthBehaviour,
                 t11FcSpPoNaSwMembAttribute,
                 t11FcSpPoNaSwMembRowStatus,
                 t11FcSpPoNaNoMembFlags,
                 t11FcSpPoNaNoMembCtAccessIndex,
                 t11FcSpPoNaNoMembAttribute,
                 t11FcSpPoNaNoMembRowStatus,
                 t11FcSpPoNaCtDescrFlags,
                 t11FcSpPoNaCtDescrGsType,
                 t11FcSpPoNaCtDescrGsSubType,
                 t11FcSpPoNaCtDescrRowStatus,
                 t11FcSpPoNaSwConnAllowedNameType,
                 t11FcSpPoNaSwConnAllowedName,
                 t11FcSpPoNaSwConnRowStatus,
                 t11FcSpPoNaIpMgmtWkpIndex,
                 t11FcSpPoNaIpMgmtAttribute,
                 t11FcSpPoNaIpMgmtRowStatus,
                 t11FcSpPoNaWkpDescrFlags,
                 t11FcSpPoNaWkpDescrWkpNumber,
                 t11FcSpPoNaWkpDescrDestPort,
                 t11FcSpPoNaWkpDescrRowStatus,
                 t11FcSpPoNaAttribType,
                 t11FcSpPoNaAttribValue,
                 t11FcSpPoNaAttribExtension,
                 t11FcSpPoNaAttribRowStatus,
                 t11FcSpPoNaAuthProtParams,
                 t11FcSpPoNaAuthProtRowStatus
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that contain information
           about non-active Policy Objects available for activation
           in order to change Fibre Channel Security (FC-SP) policy."
    ::= { t11FcSpPoMIBGroups 3 }
        
                 t11FcSpPoNaSwMembAuthBehaviour,
                 t11FcSpPoNaSwMembAttribute,
                 t11FcSpPoNaSwMembRowStatus,
                 t11FcSpPoNaNoMembFlags,
                 t11FcSpPoNaNoMembCtAccessIndex,
                 t11FcSpPoNaNoMembAttribute,
                 t11FcSpPoNaNoMembRowStatus,
                 t11FcSpPoNaCtDescrFlags,
                 t11FcSpPoNaCtDescrGsType,
                 t11FcSpPoNaCtDescrGsSubType,
                 t11FcSpPoNaCtDescrRowStatus,
                 t11FcSpPoNaSwConnAllowedNameType,
                 t11FcSpPoNaSwConnAllowedName,
                 t11FcSpPoNaSwConnRowStatus,
                 t11FcSpPoNaIpMgmtWkpIndex,
                 t11FcSpPoNaIpMgmtAttribute,
                 t11FcSpPoNaIpMgmtRowStatus,
                 t11FcSpPoNaWkpDescrFlags,
                 t11FcSpPoNaWkpDescrWkpNumber,
                 t11FcSpPoNaWkpDescrDestPort,
                 t11FcSpPoNaWkpDescrRowStatus,
                 t11FcSpPoNaAttribType,
                 t11FcSpPoNaAttribValue,
                 t11FcSpPoNaAttribExtension,
                 t11FcSpPoNaAttribRowStatus,
                 t11FcSpPoNaAuthProtParams,
                 t11FcSpPoNaAuthProtRowStatus
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that contain information
           about non-active Policy Objects available for activation
           in order to change Fibre Channel Security (FC-SP) policy."
    ::= { t11FcSpPoMIBGroups 3 }
        
t11FcSpPoStatsObjectsGroup OBJECT-GROUP
    OBJECTS  {   t11FcSpPoInRequests,
                 t11FcSpPoInAccepts,
                 t11FcSpPoInRejects
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that contain statistics
           that can be maintained by FC-SP Security Policy Servers."
    ::= { t11FcSpPoMIBGroups 4 }
        
t11FcSpPoStatsObjectsGroup OBJECT-GROUP
    OBJECTS  {   t11FcSpPoInRequests,
                 t11FcSpPoInAccepts,
                 t11FcSpPoInRejects
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects that contain statistics
           that can be maintained by FC-SP Security Policy Servers."
    ::= { t11FcSpPoMIBGroups 4 }
        

t11FcSpPoNotifyObjectsGroup OBJECT-GROUP OBJECTS { t11FcSpPoNotificationEnable,

T11FCPonotifyObjectsGroup对象组对象{T11FCPonotificationEnable,

                 t11FcSpPoServerAddress,
                 t11FcSpPoLastNotifyType,
                 t11FcSpPoRequestSource,
                 t11FcSpPoReasonCode,
                 t11FcSpPoCtCommandString,
                 t11FcSpPoReasonCodeExp,
                 t11FcSpPoReasonVendorCode
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects to control the generation of
           notifications concerning Fibre Channel Security (FC-SP)
           policy, and to hold information contained in such
           notifications."
    ::= { t11FcSpPoMIBGroups 5 }
        
                 t11FcSpPoServerAddress,
                 t11FcSpPoLastNotifyType,
                 t11FcSpPoRequestSource,
                 t11FcSpPoReasonCode,
                 t11FcSpPoCtCommandString,
                 t11FcSpPoReasonCodeExp,
                 t11FcSpPoReasonVendorCode
             }
    STATUS   current
    DESCRIPTION
           "A collection of MIB objects to control the generation of
           notifications concerning Fibre Channel Security (FC-SP)
           policy, and to hold information contained in such
           notifications."
    ::= { t11FcSpPoMIBGroups 5 }
        
t11FcSpPoNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS  {   t11FcSpPoNotifyActivation,
                       t11FcSpPoNotifyActivateFail,
                       t11FcSpPoNotifyDeactivation,
                       t11FcSpPoNotifyDeactivateFail
                   }
    STATUS   current
    DESCRIPTION
           "A collection of notifications of events concerning
           Fibre Channel Security (FC-SP) policy."
    ::= { t11FcSpPoMIBGroups 6 }
        
t11FcSpPoNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS  {   t11FcSpPoNotifyActivation,
                       t11FcSpPoNotifyActivateFail,
                       t11FcSpPoNotifyDeactivation,
                       t11FcSpPoNotifyDeactivateFail
                   }
    STATUS   current
    DESCRIPTION
           "A collection of notifications of events concerning
           Fibre Channel Security (FC-SP) policy."
    ::= { t11FcSpPoMIBGroups 6 }
        

END

终止

6.5. The T11-FC-SP-SA-MIB Module
6.5. T11-FC-SP-SA-MIB模块
--*******************************************************************
-- FC-SP Security Associations
--
        
--*******************************************************************
-- FC-SP Security Associations
--
        
T11-FC-SP-SA-MIB  DEFINITIONS ::= BEGIN
        
T11-FC-SP-SA-MIB  DEFINITIONS ::= BEGIN
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
    Unsigned32, Counter32, Counter64, TimeTicks, Gauge32,
    mib-2                 FROM SNMPv2-SMI              -- [RFC2578]
    RowStatus, StorageType, AutonomousType, TimeStamp,
    TruthValue            FROM SNMPv2-TC               -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                          FROM SNMPv2-CONF             -- [RFC2580]
    InterfaceIndex,
        
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
    Unsigned32, Counter32, Counter64, TimeTicks, Gauge32,
    mib-2                 FROM SNMPv2-SMI              -- [RFC2578]
    RowStatus, StorageType, AutonomousType, TimeStamp,
    TruthValue            FROM SNMPv2-TC               -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                          FROM SNMPv2-CONF             -- [RFC2580]
    InterfaceIndex,
        
    InterfaceIndexOrZero  FROM IF-MIB                  -- [RFC2863]
    fcmInstanceIndex,
    FcAddressIdOrZero     FROM FC-MGMT-MIB             -- [RFC4044]
    T11FabricIndex        FROM T11-TC-MIB              -- [RFC4439]
    T11FcSpType,
    T11FcSpiIndex,
    T11FcSpLifetimeLeft,
    T11FcSpLifetimeLeftUnits,
    T11FcSpSecurityProtocolId,
    T11FcRoutingControl,
    T11FcSaDirection,
    T11FcSpPrecedence,
    T11FcSpTransforms      FROM T11-FC-SP-TC-MIB;
        
    InterfaceIndexOrZero  FROM IF-MIB                  -- [RFC2863]
    fcmInstanceIndex,
    FcAddressIdOrZero     FROM FC-MGMT-MIB             -- [RFC4044]
    T11FabricIndex        FROM T11-TC-MIB              -- [RFC4439]
    T11FcSpType,
    T11FcSpiIndex,
    T11FcSpLifetimeLeft,
    T11FcSpLifetimeLeftUnits,
    T11FcSpSecurityProtocolId,
    T11FcRoutingControl,
    T11FcSaDirection,
    T11FcSpPrecedence,
    T11FcSpTransforms      FROM T11-FC-SP-TC-MIB;
        

t11FcSpSaMIB MODULE-IDENTITY LAST-UPDATED "200808200000Z" ORGANIZATION "This MIB module was developed through the coordinated effort of two organizations: T11 began the development and the IETF (in the IMSS Working Group) finished it." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com

t11FcSpSaMIB模块-标识最后更新的“200808200000Z”组织“该MIB模块是通过两个组织的协调工作开发的:T11开始开发,IETF(在IMSS工作组中)完成了开发。”联系信息“Claudio DeSanti Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号,邮编95134电子邮件:cds@cisco.com

Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Email: kzm@cisco.com" DESCRIPTION "This MIB module specifies the management information required to manage Security Associations established via Fibre Channel's FC-SP specification.

Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞市西塔斯曼大道170号邮编:95134电子邮件:kzm@cisco.com“说明”此MIB模块指定管理通过光纤通道FC-SP规范建立的安全关联所需的管理信息。

The MIB module consists of six parts:

MIB模块由六部分组成:

- a per-Fabric table, t11FcSpSaIfTable, of capabilities, parameters, status information, and counters; the counters include non-transient aggregates of per-SA transient counters;

- 功能、参数、状态信息和计数器的每个结构表T11FCSSAIFTABLE;计数器包括每SA瞬态计数器的非瞬态聚合;

- three tables, t11FcSpSaPropTable, t11FcSpSaTSelPropTable, and t11FcSpSaTransTable, specifying the proposals for an FC-SP entity acting as an SA_Initiator to present to the SA_Responder during the negotiation of Security

- 三个表,T11FCPSAPROPTABLE、T11FCSSATSELPROPTABLE和T11FCSSATTRANSABLE,规定了FC-SP实体作为SA_发起人在安全协商期间向SA_响应者提交的提案

Associations. The same information is also used by an FC-SP entity acting as an SA_Responder to decide what to accept during the negotiation of Security Associations. One of these tables, t11FcSpSaTransTable, is used not only for information about security transforms to propose and to accept, but also as agreed upon during the negotiation of Security Associations;

协会。作为SA_响应者的FC-SP实体也使用相同的信息来决定在安全关联协商期间接受什么。其中一个表T11FCPSATranstable不仅用于建议和接受的安全转换信息,还用于在安全关联协商过程中商定的信息;

- a table, t11FcSpSaTSelDrByTable, of Traffic Selectors having the security action of 'drop' or 'bypass' to be applied either to ingress traffic that is unprotected by FC-SP, or to all egress traffic;

- 流量选择器的表T11FCPSATSELDRBYTABLE,具有“丢弃”或“旁路”的安全动作,可应用于FC-SP未保护的入口流量或所有出口流量;

- four tables, t11FcSpSaPairTable, t11FcSpSaTSelNegInTable, t11FcSpSaTSelNegOutTable, and t11FcSpSaTSelSpiTable, containing information about active bidirectional pairs of Security Associations; in particular, t11FcSpSaPairTable has one row per active bidirectional SA pair, t11FcSpSaTSelNegInTable and t11FcSpSaTSelNegOutTable contain information on the Traffic Selectors negotiated on the SAs, and the t11FcSpSaTSelSpiTable is an alternate lookup table such that the Traffic Selector(s) in use on a particular Security Association can be quickly determined based on the (ingress) SPI value;

- 四个表,T11FCSSAPAIRTABLE、T11FCSSATSELNENGTABLE、T11FCSSATSELNENGOUTTABLE和T11FCSSATSELSPITABLE,包含有关活动双向安全关联对的信息;特别是,T11FCSSAPAIRSTABLE每个活动双向SA对有一行,T11FCSSATSELNEGGATABLE和T11FCSSATSELNEGGOUTTABLE包含有关SAs上协商的流量选择器的信息,T11FCSSATSELSPITABLE是一个备用查找表,以便流量选择器可以基于(入口)SPI值快速确定在特定安全关联上的使用;

- a table, t11FcSpSaControlTable, of control and other information concerning the generation of notifications for events related to FC-SP Security Associations;

- 控制表T11FCPSASCONTROLTABLE以及与FC-SP安全关联相关事件通知生成相关的其他信息;

- one notification, t11FcSpSaNotifyAuthFailure, generated on the occurrence of an Authentication failure for a received FC-2 or CT_IU frame.

- 在接收到的FC-2或CT_IU帧发生身份验证失败时生成一个通知T11FCPSSANOTIFYAUTHFAILURE。

           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 179 }
        
           Copyright (C) The IETF Trust (2008).  This version
           of this MIB module is part of RFC 5324;  see the RFC
           itself for full legal notices."
    REVISION  "200808200000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 5324."
    ::= { mib-2 179 }
        
t11FcSpSaMIBNotifications OBJECT IDENTIFIER ::= { t11FcSpSaMIB 0 }
t11FcSpSaMIBObjects     OBJECT IDENTIFIER ::= { t11FcSpSaMIB 1 }
t11FcSpSaMIBConformance OBJECT IDENTIFIER ::= { t11FcSpSaMIB 2 }
t11FcSpSaBase           OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 1 }
t11FcSpSaConfig         OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 2 }
t11FcSpSaActive         OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 3 }
t11FcSpSaControl        OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 4 }
        
t11FcSpSaMIBNotifications OBJECT IDENTIFIER ::= { t11FcSpSaMIB 0 }
t11FcSpSaMIBObjects     OBJECT IDENTIFIER ::= { t11FcSpSaMIB 1 }
t11FcSpSaMIBConformance OBJECT IDENTIFIER ::= { t11FcSpSaMIB 2 }
t11FcSpSaBase           OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 1 }
t11FcSpSaConfig         OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 2 }
t11FcSpSaActive         OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 3 }
t11FcSpSaControl        OBJECT IDENTIFIER ::= { t11FcSpSaMIBObjects 4 }
        

-- -- Base-level Per-Fabric Information --

----每个结构的基本级别信息--

t11FcSpSaIfTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaIfEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing per-Fabric information related to
           FC-SP Security Associations."
    ::= { t11FcSpSaBase 1 }
        
t11FcSpSaIfTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaIfEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing per-Fabric information related to
           FC-SP Security Associations."
    ::= { t11FcSpSaBase 1 }
        
t11FcSpSaIfEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaIfEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information related to Security
           Associations on a particular Fabric, and managed as part
           of the Fibre Channel management instance identified by
           fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaIfFabricIndex }
    ::= { t11FcSpSaIfTable 1 }
        
t11FcSpSaIfEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaIfEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information related to Security
           Associations on a particular Fabric, and managed as part
           of the Fibre Channel management instance identified by
           fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaIfFabricIndex }
    ::= { t11FcSpSaIfTable 1 }
        
T11FcSpSaIfEntry ::= SEQUENCE {
    t11FcSpSaIfIndex               InterfaceIndexOrZero,
    t11FcSpSaIfFabricIndex         T11FabricIndex,
             -- capabilities
    t11FcSpSaIfEspHeaderCapab      T11FcSpTransforms,
    t11FcSpSaIfCTAuthCapab         T11FcSpTransforms,
    t11FcSpSaIfIKEv2Capab          T11FcSpTransforms,
    t11FcSpSaIfIkev2AuthCapab      TruthValue,
             -- parameters and status
    t11FcSpSaIfStorageType         StorageType,
    t11FcSpSaIfReplayPrevention    TruthValue,
    t11FcSpSaIfReplayWindowSize    Unsigned32,
    t11FcSpSaIfDeadPeerDetections  Counter32,
    t11FcSpSaIfTerminateAllSas     INTEGER,
             -- summary frame counters
    t11FcSpSaIfOutDrops            Counter64,
    t11FcSpSaIfOutBypasses         Counter64,
    t11FcSpSaIfOutProcesses        Counter64,
    t11FcSpSaIfOutUnMatcheds       Counter64,
    t11FcSpSaIfInUnprotUnmtchDrops Counter64,
             -- aggregates of per-SA transient counters
    t11FcSpSaIfInDetReplays        Counter64,
        
T11FcSpSaIfEntry ::= SEQUENCE {
    t11FcSpSaIfIndex               InterfaceIndexOrZero,
    t11FcSpSaIfFabricIndex         T11FabricIndex,
             -- capabilities
    t11FcSpSaIfEspHeaderCapab      T11FcSpTransforms,
    t11FcSpSaIfCTAuthCapab         T11FcSpTransforms,
    t11FcSpSaIfIKEv2Capab          T11FcSpTransforms,
    t11FcSpSaIfIkev2AuthCapab      TruthValue,
             -- parameters and status
    t11FcSpSaIfStorageType         StorageType,
    t11FcSpSaIfReplayPrevention    TruthValue,
    t11FcSpSaIfReplayWindowSize    Unsigned32,
    t11FcSpSaIfDeadPeerDetections  Counter32,
    t11FcSpSaIfTerminateAllSas     INTEGER,
             -- summary frame counters
    t11FcSpSaIfOutDrops            Counter64,
    t11FcSpSaIfOutBypasses         Counter64,
    t11FcSpSaIfOutProcesses        Counter64,
    t11FcSpSaIfOutUnMatcheds       Counter64,
    t11FcSpSaIfInUnprotUnmtchDrops Counter64,
             -- aggregates of per-SA transient counters
    t11FcSpSaIfInDetReplays        Counter64,
        

t11FcSpSaIfInUnprotMtchDrops Counter64, t11FcSpSaIfInBadXforms Counter64, t11FcSpSaIfInGoodXforms Counter64, t11FcSpSaIfInProtUnmtchs Counter64 }

T11FCSSAIFinUnprottchDrops计数器64、T11FCSSAIFinBadXForms计数器64、T11FCSSAIFinGoodXForms计数器64、T11FCSSAIFinProtunChs计数器64}

t11FcSpSaIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object has a non-zero value to identify a particular interface, or the value zero to indicate that the information in this row applies to all (of the management instance's) interfaces to the particular Fabric.

T11FCPSSAIFINDEX对象类型语法InterfaceIndexOrZero MAX-ACCESS不可访问状态当前描述“此对象具有非零值以标识特定接口,或具有零值以指示此行中的信息适用于特定结构的所有(管理实例的)接口。

If any row has a non-zero value of t11FcSpSaIfIndex, then all rows for the same Fibre Channel management instance must also have a non-zero value of t11FcSpSaIfIndex and thereby be specific to a particular interface.

如果任何行的非零值为T11FCPSSAIFINDEX,则同一光纤通道管理实例的所有行也必须具有非零值T11FCPSSAIFINDEX,从而特定于特定接口。

           As and when zero values of t11FcSpSaIfIndex are used in
           this table, then they must also be used in each other
           table that has t11FcSpSaIfIndex in its INDEX clause."
    ::= { t11FcSpSaIfEntry 1 }
        
           As and when zero values of t11FcSpSaIfIndex are used in
           this table, then they must also be used in each other
           table that has t11FcSpSaIfIndex in its INDEX clause."
    ::= { t11FcSpSaIfEntry 1 }
        
t11FcSpSaIfFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Fabric."
    ::= { t11FcSpSaIfEntry 2 }
        
t11FcSpSaIfFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           Fabric."
    ::= { t11FcSpSaIfEntry 2 }
        
t11FcSpSaIfEspHeaderCapab OBJECT-TYPE
    SYNTAX       T11FcSpTransforms
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A list of the standardized transforms supported by this
           entity on this interface for ESP_Header protection."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Appendix A.3.1, tables A.23, A.25."
    ::= { t11FcSpSaIfEntry 3 }
        
t11FcSpSaIfEspHeaderCapab OBJECT-TYPE
    SYNTAX       T11FcSpTransforms
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A list of the standardized transforms supported by this
           entity on this interface for ESP_Header protection."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Appendix A.3.1, tables A.23, A.25."
    ::= { t11FcSpSaIfEntry 3 }
        
t11FcSpSaIfCTAuthCapab OBJECT-TYPE
    SYNTAX       T11FcSpTransforms
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A list of the standardized transforms supported by this
           entity on this interface for CT_Authentication protection."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Appendix A.3.1, tables A.23, A.25."
    ::= { t11FcSpSaIfEntry 4 }
        
t11FcSpSaIfCTAuthCapab OBJECT-TYPE
    SYNTAX       T11FcSpTransforms
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A list of the standardized transforms supported by this
           entity on this interface for CT_Authentication protection."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Appendix A.3.1, tables A.23, A.25."
    ::= { t11FcSpSaIfEntry 4 }
        
t11FcSpSaIfIKEv2Capab OBJECT-TYPE
    SYNTAX       T11FcSpTransforms
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A list of the standardized transforms supported by this
           entity on this interface with IKEv2 protection."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Appendix A.3.1, tables A.23, A.24,
              A.25, A.26."
    ::= { t11FcSpSaIfEntry 5 }
        
t11FcSpSaIfIKEv2Capab OBJECT-TYPE
    SYNTAX       T11FcSpTransforms
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A list of the standardized transforms supported by this
           entity on this interface with IKEv2 protection."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, Appendix A.3.1, tables A.23, A.24,
              A.25, A.26."
    ::= { t11FcSpSaIfEntry 5 }
        
t11FcSpSaIfIkev2AuthCapab OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "An indication of whether the entity is capable of
           supporting the IKEv2-AUTH protocol on this interface, i.e.,
           concatenation of Authentication and SA Management
           Transactions, such that an SA Management Transaction is
           used to perform both the authentication function and
           SA management."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.7.2, and table A.27."
    ::= { t11FcSpSaIfEntry 6 }
        
t11FcSpSaIfIkev2AuthCapab OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "An indication of whether the entity is capable of
           supporting the IKEv2-AUTH protocol on this interface, i.e.,
           concatenation of Authentication and SA Management
           Transactions, such that an SA Management Transaction is
           used to perform both the authentication function and
           SA management."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.7.2, and table A.27."
    ::= { t11FcSpSaIfEntry 6 }
        

t11FcSpSaIfStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-write STATUS current

T11FCPSAIFStorageType对象类型语法StorageType MAX-ACCESS读写状态当前

DESCRIPTION "This object specifies the memory realization of information related to FC-SP Security Associations for interface(s) to a particular Fabric; specifically, for rows created and/or modified in these tables:

DESCRIPTION“此对象指定与特定结构接口的FC-SP安全关联相关的信息的内存实现;具体而言,对于在这些表中创建和/或修改的行:

t11FcSpSaPropTable t11FcSpSaTSelDrByTable t11FcSpSaControlTable

T11FCSP表T11FCSP卫星数据表T11FCSP可控制

and, for modified information contained in the same row as an instance of this object.

以及,用于包含在与此对象实例相同的行中的修改信息。

           Even if an instance of this object has the value
           'permanent(4)', none of the information defined in
           this MIB module for interface(s) to the given Fabric
           need to be writable."
    ::= { t11FcSpSaIfEntry 7 }
        
           Even if an instance of this object has the value
           'permanent(4)', none of the information defined in
           this MIB module for interface(s) to the given Fabric
           need to be writable."
    ::= { t11FcSpSaIfEntry 7 }
        

t11FcSpSaIfReplayPrevention OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates whether anti-replay protection is enabled for frame reception on this interface.

T11FCPSSAIFREPLAYPREvention对象类型语法TruthValue MAX-ACCESS读写状态当前描述“此对象表示是否为此接口上的帧接收启用了防重放保护。

           Note that the replay-protection mechanism in FC-SP is
           conceptually similar to the corresponding mechanism in
           IPsec ESP."
    REFERENCE
           "- IP Encapsulating Security Payload (ESP),
              RFC 4303, December 2005, section 3.3.3."
    ::= { t11FcSpSaIfEntry 8 }
        
           Note that the replay-protection mechanism in FC-SP is
           conceptually similar to the corresponding mechanism in
           IPsec ESP."
    REFERENCE
           "- IP Encapsulating Security Payload (ESP),
              RFC 4303, December 2005, section 3.3.3."
    ::= { t11FcSpSaIfEntry 8 }
        

t11FcSpSaIfReplayWindowSize OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The size of the replay window to be used when anti-replay protection is enabled for frame reception on this interface.

T11FCPSSAIFREPLAYWINDOWSIZE对象类型语法Unsigned32 MAX-ACCESS读写状态当前描述“当此接口上的帧接收启用防重播保护时,要使用的重播窗口的大小。

Note that the replay-protection mechanism in FC-SP is conceptually similar to the corresponding mechanism in IPsec ESP." REFERENCE

请注意,FC-SP中的重播保护机制在概念上类似于IPsec参考中的相应机制

           "- IP Encapsulating Security Payload (ESP),
              RFC 4303, December 2005, section 3.4.3."
    ::= { t11FcSpSaIfEntry 9 }
        
           "- IP Encapsulating Security Payload (ESP),
              RFC 4303, December 2005, section 3.4.3."
    ::= { t11FcSpSaIfEntry 9 }
        

t11FcSpSaIfDeadPeerDetections OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a dead peer condition has been detected on this interface.

T11FCPSAIFDEADPEERDETECTIONS对象类型语法计数器32 MAX-ACCESS只读状态当前描述“在此接口上检测到死机对等条件的次数。

           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 8.5.3.3."
    ::= { t11FcSpSaIfEntry 10 }
        
           This counter has no discontinuities other than those
           that all Counter32's have when sysUpTime=0."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 8.5.3.3."
    ::= { t11FcSpSaIfEntry 10 }
        

t11FcSpSaIfTerminateAllSas OBJECT-TYPE SYNTAX INTEGER { noop(1), terminate(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to 'terminate' is a request to terminate all outstanding Security Associations on this interface.

T11FCPSASAFTERMINATEALLSAS对象类型语法整数{noop(1),terminate(2)}MAX-ACCESS读写状态当前描述“将此对象设置为“terminate”是终止此接口上所有未完成的安全关联的请求。

           When read, the value of this object is always 'noop'.
           Setting this object to 'noop' has no effect."
    ::= { t11FcSpSaIfEntry 11 }
        
           When read, the value of this object is always 'noop'.
           Setting this object to 'noop' has no effect."
    ::= { t11FcSpSaIfEntry 11 }
        

t11FcSpSaIfOutDrops OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of output frames that were dropped, instead of being transmitted on this interface, because they matched an active (at that time) Traffic Selector with an action of 'Drop'.

T11FCPSSAIFOUTDROPS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“由于将活动(当时)流量选择器与“Drop”操作相匹配,因此丢弃而不是在此接口上传输的输出帧数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 12 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 12 }
        

t11FcSpSaIfOutBypasses OBJECT-TYPE

T11FCPSAIFOUTByPasses对象类型

SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of output frames that were transmitted unchanged by FC-SP on this interface because they matched an active (at that time) Traffic Selector with an action of 'Bypass'.

SYNTAX Counter 64 MAX-ACCESS只读状态当前描述“由于FC-SP将活动(当时)流量选择器与“旁路”操作相匹配,因此在此接口上传输的输出帧数保持不变。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 13 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 13 }
        

t11FcSpSaIfOutProcesses OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of output frames that were protected by FC-SP before being transmitted on this interface because they matched an active (at that time) Traffic Selector with an action of 'Process'.

T11FCPSAIFOUTPROCESS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“在该接口上传输之前受FC-SP保护的输出帧数,因为它们将活动(当时)流量选择器与“进程”操作相匹配。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 14 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 14 }
        

t11FcSpSaIfOutUnMatcheds OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of frames that were transmitted unchanged by FC-SP on this interface because they did not match any Traffic Selector active at that time.

T11FCPSASAIFOUTUNMATCHEDS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“FC-SP在此接口上传输的帧数不变,因为它们不匹配当时任何活动的流量选择器。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 15 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 15 }
        

t11FcSpSaIfInUnprotUnmtchDrops OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of frames received on this interface that were dropped because they were unprotected and did not match any Traffic Selector active at that time.

T11FCPSSAIFINUNPUNTMTCHDROPS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“此接口上接收到的由于未受保护且与当时任何活动的流量选择器不匹配而丢弃的帧数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 16 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 16 }
        

t11FcSpSaIfInDetReplays OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a replay has been detected on a Security Association that is currently active or was previously active on this interface. Note that a frame that is discarded because it is 'behind' the window, i.e., too old, is counted as a replay.

T11FCPSSAIFindetReplays对象类型语法计数器64 MAX-ACCESS只读状态当前说明“在此接口上当前处于活动状态或以前处于活动状态的安全关联上检测到重播的次数。请注意,由于“在”窗口后面(即太旧)而被丢弃的帧将计为重播。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 17 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 17 }
        

t11FcSpSaIfInUnprotMtchDrops OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a frame received on this interface was dropped because it matched with a Traffic Selector for a Security Association that was active at the time of receipt but the frame was not protected as negotiated for that Security Association.

T11FCPSSAIFINUNUPTMTCHDROPS对象类型语法计数器64 MAX-ACCESS只读状态当前说明“此接口上接收到的帧由于与安全关联的流量选择器匹配而被丢弃的次数,该安全关联在接收时处于活动状态,但该帧未受到该安全关联协商的保护。”。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 18 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 18 }
        

t11FcSpSaIfInBadXforms OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a frame received on this interface was dropped because of a failure of one of the transforms negotiated for the Security Association on which it was received.

T11FCPSSAIFinBadXForms对象类型语法计数器64 MAX-ACCESS只读状态当前描述“由于为接收帧的安全关联协商的某个转换失败而在此接口上接收到的帧被丢弃的次数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 19 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 19 }
        

t11FcSpSaIfInGoodXforms OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of frames received on this interface on a Security Association for which the transforms negotiated for that Security Association were successfully applied, and that matched a Traffic Selector for that Security Association.

T11FCPSSAIFINGOODXFORMS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“安全关联上此接口上接收的帧数,为该安全关联协商的转换已成功应用,并且与该安全关联的流量选择器相匹配。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 20 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 20 }
        

t11FcSpSaIfInProtUnmtchs OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of frames received on this interface that were dropped because they did not match any of the Traffic Selectors negotiated for the Security Association on which they were received, even though the Security Association's transforms were successfully applied.

T11FCPSSAIFINPROTUNMTCHS对象类型语法计数器64 MAX-ACCESS只读状态当前说明“此接口上接收到的帧数,由于它们与接收它们的安全关联协商的任何流量选择器不匹配而被丢弃,即使安全关联的转换已成功应用。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 21 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaIfEntry 21 }
        

-- -- Proposals to present in Security Association negotiation --

--——在安全协会谈判中提出的建议--

t11FcSpSaPropTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaPropEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of proposals for an FC-SP entity acting as an
           SA_Initiator to present to the SA_Responder during the
           negotiation of Security Associations.  This information
           is also used by an FC-SP entity acting as an SA_Responder
           to decide what to accept during the negotiation of
           Security Associations."
    ::= { t11FcSpSaConfig 1 }
        
t11FcSpSaPropTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaPropEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of proposals for an FC-SP entity acting as an
           SA_Initiator to present to the SA_Responder during the
           negotiation of Security Associations.  This information
           is also used by an FC-SP entity acting as an SA_Responder
           to decide what to accept during the negotiation of
           Security Associations."
    ::= { t11FcSpSaConfig 1 }
        

t11FcSpSaPropEntry OBJECT-TYPE

T11FCSP腐泥场对象类型

SYNTAX T11FcSpSaPropEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one proposal for the FC-SP entity to present, or what to accept, during the negotiation of Security Associations on one or more interfaces (identified by t11FcSpSaIfIndex) to a particular Fabric (identified by t11FcSpSaIfFabricIndex), and managed as part of the Fibre Channel management instance identified by fcmInstanceIndex.

语法T11FCPSAProperty MAX-ACCESS不可访问状态当前描述“每个条目包含FC-SP实体在一个或多个接口(由T11FCPSASAIFINDEX标识)与特定结构的安全关联协商期间要提交的一个提案或要接受的内容的信息(由T11FCPSSAIFBRICINDEX标识),并作为fcmInstanceIndex标识的光纤通道管理实例的一部分进行管理。

           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaIfStorageType that is INDEX-ed
           by the same values of fcmInstanceIndex, t11FcSpSaIfIndex
           and t11FcSpSaIfFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaIfFabricIndex,
             t11FcSpSaPropIndex }
    ::= { t11FcSpSaPropTable 1 }
        
           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaIfStorageType that is INDEX-ed
           by the same values of fcmInstanceIndex, t11FcSpSaIfIndex
           and t11FcSpSaIfFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaIfFabricIndex,
             t11FcSpSaPropIndex }
    ::= { t11FcSpSaPropTable 1 }
        
T11FcSpSaPropEntry ::= SEQUENCE {
    t11FcSpSaPropIndex             Unsigned32,
    t11FcSpSaPropSecurityProt      T11FcSpSecurityProtocolId,
    t11FcSpSaPropTSelListIndex     Unsigned32,
    t11FcSpSaPropTransListIndex    Unsigned32,
    t11FcSpSaPropAcceptAlgorithm   INTEGER,
    t11FcSpSaPropOutMatchSucceeds  Counter64,
    t11FcSpSaPropRowStatus         RowStatus
}
        
T11FcSpSaPropEntry ::= SEQUENCE {
    t11FcSpSaPropIndex             Unsigned32,
    t11FcSpSaPropSecurityProt      T11FcSpSecurityProtocolId,
    t11FcSpSaPropTSelListIndex     Unsigned32,
    t11FcSpSaPropTransListIndex    Unsigned32,
    t11FcSpSaPropAcceptAlgorithm   INTEGER,
    t11FcSpSaPropOutMatchSucceeds  Counter64,
    t11FcSpSaPropRowStatus         RowStatus
}
        
t11FcSpSaPropIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           proposal for use on one or more interfaces to a Fabric."
    ::= { t11FcSpSaPropEntry 1 }
        
t11FcSpSaPropIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           proposal for use on one or more interfaces to a Fabric."
    ::= { t11FcSpSaPropEntry 1 }
        

t11FcSpSaPropSecurityProt OBJECT-TYPE SYNTAX T11FcSpSecurityProtocolId MAX-ACCESS read-create STATUS current DESCRIPTION "The Security Protocol identifier for this proposal, i.e., whether the proposal is for traffic to be protected using ESP_Header or CT_Authentication."

T11FCPSAPROPSECURIPROT对象类型语法T11FCSSECURIPROTOCOLID MAX-ACCESS read create STATUS current DESCRIPTION“此方案的安全协议标识符,即该方案是使用ESP\U头还是CT\U身份验证来保护流量。”

    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.2 and table 67."
    ::= { t11FcSpSaPropEntry 2 }
        
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.2 and table 67."
    ::= { t11FcSpSaPropEntry 2 }
        

t11FcSpSaPropTSelListIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "When the value of this object is non-zero, it points to the proposal's list of Traffic Selectors. The value must be non-zero in an active row of this table.

T11FCPSAPROPTSELISTINDEX对象类型语法Unsigned32 MAX-ACCESS read create STATUS current DESCRIPTION“当此对象的值为非零时,它指向提案的流量选择器列表。此表的活动行中的值必须为非零。

           The identified list is represented by all rows in the
           t11FcSpSaTSelPropTable for which t11FcSpSaTSelPropListIndex
           has the same value as this object (and with corresponding
           values of t11FcSpSaIfIndex and fcmInstanceIndex)."
    ::= { t11FcSpSaPropEntry 3 }
        
           The identified list is represented by all rows in the
           t11FcSpSaTSelPropTable for which t11FcSpSaTSelPropListIndex
           has the same value as this object (and with corresponding
           values of t11FcSpSaIfIndex and fcmInstanceIndex)."
    ::= { t11FcSpSaPropEntry 3 }
        

t11FcSpSaPropTransListIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "When the value of this object is non-zero, it points to the proposal's list of Transforms. The value must be non-zero in an active row of this table.

T11FCPSAPROPTRANSTINDEX对象类型语法Unsigned32 MAX-ACCESS read create STATUS current DESCRIPTION“当此对象的值为非零时,它指向提案的转换列表。此表的活动行中的值必须为非零。

           The identified list is represented by all rows in the
           t11FcSpSaTransTable for which t11FcSpSaTransListIndex
           has the same value as this object (and with corresponding
           values of t11FcSpSaIfIndex and fcmInstanceIndex)."
    ::= { t11FcSpSaPropEntry 4 }
        
           The identified list is represented by all rows in the
           t11FcSpSaTransTable for which t11FcSpSaTransListIndex
           has the same value as this object (and with corresponding
           values of t11FcSpSaIfIndex and fcmInstanceIndex)."
    ::= { t11FcSpSaPropEntry 4 }
        
t11FcSpSaPropAcceptAlgorithm OBJECT-TYPE
    SYNTAX       INTEGER {
                     intersection(1),
                     union(2),
                     other(3)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The algorithm by which an SA_Responder in an SA negotiation
           decides on which Traffic Selectors to specify in a response
           to an IKE_Create_Child_SA request.  This algorithm is used
        
t11FcSpSaPropAcceptAlgorithm OBJECT-TYPE
    SYNTAX       INTEGER {
                     intersection(1),
                     union(2),
                     other(3)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The algorithm by which an SA_Responder in an SA negotiation
           decides on which Traffic Selectors to specify in a response
           to an IKE_Create_Child_SA request.  This algorithm is used
        

when the Traffic Selectors specified by an SA_Initiator in an IKE_Create_Child_SA request overlap with this proposal's list of Traffic Selectors:

当IKE_Create_Child_SA请求中SA_发起人指定的流量选择器与此提案的流量选择器列表重叠时:

intersection(1) - the SA_Responder specifies the largest subset of what the SA_Initiator proposed, which is also a subset of this proposal's Traffic Selectors.

交叉口(1)-SA_响应者指定SA_发起人提议的最大子集,该子集也是该提议的交通选择器的子集。

union(2) - the SA_Responder specifies the smallest superset of what the SA_Initiator proposed, which is also a superset of this proposal's Traffic Selectors.

联合(2)-SA_响应者指定SA_发起人提议的最小超集,该超集也是该提议的流量选择器的超集。

           other(3)    - the SA_Responder uses some other algorithm.
           "
    ::= { t11FcSpSaPropEntry 5 }
        
           other(3)    - the SA_Responder uses some other algorithm.
           "
    ::= { t11FcSpSaPropEntry 5 }
        

t11FcSpSaPropOutMatchSucceeds OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of egress frames that have matched a Traffic Selector that was negotiated to select traffic for an SA based on this proposal being accepted.

T11FCSPSAPropOutMatchSuccessed对象类型语法计数器64 MAX-ACCESS只读状态当前描述“已匹配流量选择器的出口帧数,该流量选择器是根据接受的此建议协商为SA选择流量的。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPropEntry 6 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPropEntry 6 }
        

t11FcSpSaPropRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of a row. Values of object instances within an active row can be modified at any time.

t11FcSpSaPropRowStatus对象类型语法RowStatus MAX-ACCESS read create STATUS current DESCRIPTION“行的状态。可以随时修改活动行中对象实例的值。

           The status cannot be set to 'active' unless and
           until the instances of t11FcSpSaPropTSelListIndex
           and t11FcSpSaPropTransListIndex in the row have
           been set to point to active rows in the
           t11FcSpSaTSelPropTable and t11FcSpSaTransTable
           tables, respectively.  A row in this table is
           deleted if the active rows it points to are deleted."
    ::= { t11FcSpSaPropEntry 7 }
        
           The status cannot be set to 'active' unless and
           until the instances of t11FcSpSaPropTSelListIndex
           and t11FcSpSaPropTransListIndex in the row have
           been set to point to active rows in the
           t11FcSpSaTSelPropTable and t11FcSpSaTransTable
           tables, respectively.  A row in this table is
           deleted if the active rows it points to are deleted."
    ::= { t11FcSpSaPropEntry 7 }
        

-- -- Traffic Selector Proposals --

----交通选择器建议--

t11FcSpSaTSelPropTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTSelPropEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about Traffic Selectors
           to propose and/or to accept during the negotiation of
           Security Associations."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5.
            - Use of IKEv2 in FC-SP, RFC 4595,
              July 2006, section 4.4."
    ::= { t11FcSpSaConfig 2 }
        
t11FcSpSaTSelPropTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTSelPropEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about Traffic Selectors
           to propose and/or to accept during the negotiation of
           Security Associations."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5.
            - Use of IKEv2 in FC-SP, RFC 4595,
              July 2006, section 4.4."
    ::= { t11FcSpSaConfig 2 }
        

t11FcSpSaTSelPropEntry OBJECT-TYPE SYNTAX T11FcSpSaTSelPropEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one Traffic Selector within a list of Traffic Selectors to propose, or for use in determining what to accept during Security Association negotiation.

T11FCPSATSELPROPERENTRY对象类型语法T11FCPSATSELPROPERENTRY MAX-ACCESS not ACCESS STATUS current DESCRIPTION“每个条目包含有关要建议的流量选择器列表中的一个流量选择器的信息,或用于确定在安全关联协商期间要接受的内容。

One such list is configured for use on a Fabric by configuring the list's value of t11FcSpSaTSelPropListIndex as the value of an instance of t11FcSpSaPropTSelListIndex, for corresponding values of t11FcSpSaIfIndex and fcmInstanceIndex. Further, the proposing and accepting of Traffic Selectors is only done as a part of a proposal specified by a row of the t11FcSpSaPropTable, i.e., in combination with the proposing and accepting of security transforms as specified by the combination of t11FcSpSaPropTSelListIndex and t11FcSpSaPropTransListIndex in one row of the t11FcSpSaPropTable.

通过将T11FCPSSatSelPropListIndex的列表值配置为T11FCPSSapPropTSellistIndex实例的值(对应于T11FCPSSaiFindex和fcmInstanceIndex的值),可以配置一个这样的列表以在结构上使用。此外,流量选择器的提议和接受仅作为由T11FCSP表的一行指定的提议的一部分进行,即,与由T11FCSP表的一行中的T11FCSP-SPROPTSELISTINDEX和T11FCSP-SPROPTERLISTINDEX的组合指定的安全转换的提议和接受相结合。

           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaTSelPropStorageType in that row."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaTSelPropListIndex, t11FcSpSaTSelPropPrecedence }
    ::= { t11FcSpSaTSelPropTable 1 }
        
           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaTSelPropStorageType in that row."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaTSelPropListIndex, t11FcSpSaTSelPropPrecedence }
    ::= { t11FcSpSaTSelPropTable 1 }
        
T11FcSpSaTSelPropEntry ::= SEQUENCE {
    t11FcSpSaTSelPropListIndex    Unsigned32,
    t11FcSpSaTSelPropPrecedence   T11FcSpPrecedence,
    t11FcSpSaTSelPropDirection    T11FcSaDirection,
    t11FcSpSaTSelPropStartSrcAddr FcAddressIdOrZero,
    t11FcSpSaTSelPropEndSrcAddr   FcAddressIdOrZero,
    t11FcSpSaTSelPropStartDstAddr FcAddressIdOrZero,
    t11FcSpSaTSelPropEndDstAddr   FcAddressIdOrZero,
    t11FcSpSaTSelPropStartRCtl    T11FcRoutingControl,
    t11FcSpSaTSelPropEndRCtl      T11FcRoutingControl,
    t11FcSpSaTSelPropStartType    T11FcSpType,
    t11FcSpSaTSelPropEndType      T11FcSpType,
    t11FcSpSaTSelPropStorageType  StorageType,
    t11FcSpSaTSelPropRowStatus    RowStatus
}
        
T11FcSpSaTSelPropEntry ::= SEQUENCE {
    t11FcSpSaTSelPropListIndex    Unsigned32,
    t11FcSpSaTSelPropPrecedence   T11FcSpPrecedence,
    t11FcSpSaTSelPropDirection    T11FcSaDirection,
    t11FcSpSaTSelPropStartSrcAddr FcAddressIdOrZero,
    t11FcSpSaTSelPropEndSrcAddr   FcAddressIdOrZero,
    t11FcSpSaTSelPropStartDstAddr FcAddressIdOrZero,
    t11FcSpSaTSelPropEndDstAddr   FcAddressIdOrZero,
    t11FcSpSaTSelPropStartRCtl    T11FcRoutingControl,
    t11FcSpSaTSelPropEndRCtl      T11FcRoutingControl,
    t11FcSpSaTSelPropStartType    T11FcSpType,
    t11FcSpSaTSelPropEndType      T11FcSpType,
    t11FcSpSaTSelPropStorageType  StorageType,
    t11FcSpSaTSelPropRowStatus    RowStatus
}
        
t11FcSpSaTSelPropListIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that identifies a particular list of
           Traffic Selectors."
    ::= { t11FcSpSaTSelPropEntry 1 }
        
t11FcSpSaTSelPropListIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that identifies a particular list of
           Traffic Selectors."
    ::= { t11FcSpSaTSelPropEntry 1 }
        

t11FcSpSaTSelPropPrecedence OBJECT-TYPE SYNTAX T11FcSpPrecedence MAX-ACCESS not-accessible STATUS current DESCRIPTION "The precedence of this Traffic Selector. Each Traffic Selector within a particular list of Traffic Selectors must have a different precedence.

T11FCSPSATSELPROPPRICENT对象类型语法T11FCSPRICENT MAX-ACCESS not ACCESS STATUS current DESCRIPTION“此流量选择器的优先级。特定流量选择器列表中的每个流量选择器必须具有不同的优先级。

           If an egress frame matches multiple Traffic Selectors,
           it should be transmitted on the SA associated with the
           Traffic Selector having the numerically smallest
           precedence value."
    ::= { t11FcSpSaTSelPropEntry 2 }
        
           If an egress frame matches multiple Traffic Selectors,
           it should be transmitted on the SA associated with the
           Traffic Selector having the numerically smallest
           precedence value."
    ::= { t11FcSpSaTSelPropEntry 2 }
        

t11FcSpSaTSelPropDirection OBJECT-TYPE SYNTAX T11FcSaDirection MAX-ACCESS read-create STATUS current DESCRIPTION "An indication of whether this Traffic Selector is to be proposed for ingress or egress traffic." DEFVAL { egress }

T11FCSPSATSELPROPDORIENCE对象类型语法T11FcSaDirection MAX-ACCESS read create STATUS current DESCRIPTION“此流量选择器是否建议用于入口或出口流量的指示。”DEFVAL{EXGRESS}

    ::= { t11FcSpSaTSelPropEntry 3 }
        
    ::= { t11FcSpSaTSelPropEntry 3 }
        
t11FcSpSaTSelPropStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelPropEntry 4 }
        
t11FcSpSaTSelPropStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelPropEntry 4 }
        
t11FcSpSaTSelPropEndSrcAddr  OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelPropEntry 5 }
        
t11FcSpSaTSelPropEndSrcAddr  OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelPropEntry 5 }
        
t11FcSpSaTSelPropStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelPropEntry 6 }
        
t11FcSpSaTSelPropStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelPropEntry 6 }
        

t11FcSpSaTSelPropEndDstAddr OBJECT-TYPE

T11FCSPSATELPROPERTENDSDSTADDR对象类型

    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelPropEntry 7 }
        
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelPropEntry 7 }
        
t11FcSpSaTSelPropStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '00'h }
    ::= { t11FcSpSaTSelPropEntry 8 }
        
t11FcSpSaTSelPropStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '00'h }
    ::= { t11FcSpSaTSelPropEntry 8 }
        
t11FcSpSaTSelPropEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FF'h }
    ::= { t11FcSpSaTSelPropEntry 9 }
        
t11FcSpSaTSelPropEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FF'h }
    ::= { t11FcSpSaTSelPropEntry 9 }
        

t11FcSpSaTSelPropStartType OBJECT-TYPE SYNTAX T11FcSpType MAX-ACCESS read-create STATUS current

T11FCSPSATELPROPSTARTTYPE对象类型语法T11FcSpType MAX-ACCESS读取创建状态当前

    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '0000'h }
    ::= { t11FcSpSaTSelPropEntry 10 }
        
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { '0000'h }
    ::= { t11FcSpSaTSelPropEntry 10 }
        
t11FcSpSaTSelPropEndType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FFFF'h }
    ::= { t11FcSpSaTSelPropEntry 11 }
        
t11FcSpSaTSelPropEndType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.4.5."
    DEFVAL   { 'FFFF'h }
    ::= { t11FcSpSaTSelPropEntry 11 }
        

t11FcSpSaTSelPropStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the memory realization of the information in this row.

T11FCPSSATSELPROPStorageType对象类型语法StorageType MAX-ACCESS读取创建状态当前描述“此对象指定此行中信息的内存实现。

           Even if an instance of this object has the value
           'permanent(4)', none of the information in its row
           needs to be writable."
    ::= { t11FcSpSaTSelPropEntry 12 }
        
           Even if an instance of this object has the value
           'permanent(4)', none of the information in its row
           needs to be writable."
    ::= { t11FcSpSaTSelPropEntry 12 }
        
t11FcSpSaTSelPropRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpSaTSelPropEntry 13 }
        
t11FcSpSaTSelPropRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpSaTSelPropEntry 13 }
        

-- -- Transform Proposals --

--——改造方案--

t11FcSpSaTransTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTransEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about security transforms
           to propose, to accept and/or agreed upon during the
           negotiation of Security Associations."
    ::= { t11FcSpSaConfig 3 }
        
t11FcSpSaTransTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTransEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about security transforms
           to propose, to accept and/or agreed upon during the
           negotiation of Security Associations."
    ::= { t11FcSpSaConfig 3 }
        

t11FcSpSaTransEntry OBJECT-TYPE SYNTAX T11FcSpSaTransEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one proposal within a list of security transforms to be proposed, to be accepted, or already agreed upon, for use on a pair of Security Associations on one or more interfaces (identified by t11FcSpSaIfIndex), managed as part of the Fibre Channel management instance identified by fcmInstanceIndex.

T11FCPSATransEntry对象类型语法T11FCPSATransEntry MAX-ACCESS不可访问状态当前描述“每个条目包含一个安全转换列表中的一个建议的信息,这些安全转换将被建议、接受或已达成一致,用于一个或多个接口上的一对安全关联(由T11FCPSSAIFINDEX标识),作为fcmInstanceIndex标识的光纤通道管理实例的一部分进行管理。

One such list is configured to be proposed or accepted for use on a Fabric, by having the list's value of t11FcSpSaTransListIndex be the value of an instance of t11FcSpSaPropTransListIndex for that Fabric. Further, the proposing and accepting of security transforms is only done as a part of a proposal specified by a row of the t11FcSpSaPropTable, i.e., in combination with the proposing and accepting of Traffic Selectors as specified by the combination of t11FcSpSaPropTSelListIndex and t11FcSpSaPropTransListIndex in one row of the t11FcSpSaPropTable.

通过将列表的T11FCPSATTransListIndex值设置为该结构的T11FCPSAPROPTRANSTINDEX实例的值,将一个这样的列表配置为建议或接受在结构上使用。此外,安全转换的提议和接受仅作为t11fcsp表的一行指定的提议的一部分进行,即,与t11fcsp表的一行中的t11fcsp-sproptsellistindex和t11fcsp-sproptransistindex的组合指定的流量选择器的提议和接受相结合。

The security (encryption and integrity) transform in use on an SA pair is indicated by having the pair's values of t11FcSpSaPairTransListIndex and t11FcSpSaPairTransIndex contain the values of t11FcSpSaTransListIndex and t11FcSpSaTransIndex for the transform's row in this table.

SA对上使用的安全性(加密和完整性)转换通过使该对的T11FCPSAPAIRTransfistIndex和T11FCPSAPAIRTransfistIndex值包含此表中转换行的T11FCPSATTransListIndex和T11FCPSATTransIndex值来表示。

The StorageType of a row in this table is specified by the instance of t11FcSpSaTransStorageType in that row." INDEX { fcmInstanceIndex, t11FcSpSaIfIndex, t11FcSpSaTransListIndex, t11FcSpSaTransIndex }

此表中某行的StorageType由该行中T11FCPSSATTransStorageType的实例指定

    ::= { t11FcSpSaTransTable 1 }
        
    ::= { t11FcSpSaTransTable 1 }
        
T11FcSpSaTransEntry ::= SEQUENCE {
    t11FcSpSaTransListIndex      Unsigned32,
    t11FcSpSaTransIndex          Unsigned32,
    t11FcSpSaTransSecurityProt   T11FcSpSecurityProtocolId,
    t11FcSpSaTransEncryptAlg     AutonomousType,
    t11FcSpSaTransEncryptKeyLen  Unsigned32,
    t11FcSpSaTransIntegrityAlg   AutonomousType,
    t11FcSpSaTransStorageType    StorageType,
    t11FcSpSaTransRowStatus      RowStatus
}
        
T11FcSpSaTransEntry ::= SEQUENCE {
    t11FcSpSaTransListIndex      Unsigned32,
    t11FcSpSaTransIndex          Unsigned32,
    t11FcSpSaTransSecurityProt   T11FcSpSecurityProtocolId,
    t11FcSpSaTransEncryptAlg     AutonomousType,
    t11FcSpSaTransEncryptKeyLen  Unsigned32,
    t11FcSpSaTransIntegrityAlg   AutonomousType,
    t11FcSpSaTransStorageType    StorageType,
    t11FcSpSaTransRowStatus      RowStatus
}
        
t11FcSpSaTransListIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           list of security transforms to be proposed, to be accepted,
           or already agreed upon."
    ::= { t11FcSpSaTransEntry 1 }
        
t11FcSpSaTransListIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies a particular
           list of security transforms to be proposed, to be accepted,
           or already agreed upon."
    ::= { t11FcSpSaTransEntry 1 }
        
t11FcSpSaTransIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies one security
           transform within a list identified by
           t11FcSpSaTransListIndex."
    ::= { t11FcSpSaTransEntry 2 }
        
t11FcSpSaTransIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies one security
           transform within a list identified by
           t11FcSpSaTransListIndex."
    ::= { t11FcSpSaTransEntry 2 }
        
t11FcSpSaTransSecurityProt OBJECT-TYPE
    SYNTAX       T11FcSpSecurityProtocolId
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Security Protocol identifier that indicates
           whether this transform is for traffic to be protected
           using ESP_Header or using CT_Authentication."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.2 and table 67."
    ::= { t11FcSpSaTransEntry 3 }
        
t11FcSpSaTransSecurityProt OBJECT-TYPE
    SYNTAX       T11FcSpSecurityProtocolId
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Security Protocol identifier that indicates
           whether this transform is for traffic to be protected
           using ESP_Header or using CT_Authentication."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.2 and table 67."
    ::= { t11FcSpSaTransEntry 3 }
        

t11FcSpSaTransEncryptAlg OBJECT-TYPE

T11FCPSATransEncryptalg对象类型

    SYNTAX       AutonomousType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Encryption Algorithm for this transform."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.3 and tables 69 & 70."
    ::= { t11FcSpSaTransEntry 4 }
        
    SYNTAX       AutonomousType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Encryption Algorithm for this transform."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.3 and tables 69 & 70."
    ::= { t11FcSpSaTransEntry 4 }
        
t11FcSpSaTransEncryptKeyLen OBJECT-TYPE
    SYNTAX       Unsigned32
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The key length in bits to be used with an encryption
           algorithm that has a variable length key.  This object
           is ignored when the corresponding instance of
           t11FcSpSaTransEncryptAlg specifies an algorithm with a
           fixed length key."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.5 and table 77."
    ::= { t11FcSpSaTransEntry 5 }
        
t11FcSpSaTransEncryptKeyLen OBJECT-TYPE
    SYNTAX       Unsigned32
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The key length in bits to be used with an encryption
           algorithm that has a variable length key.  This object
           is ignored when the corresponding instance of
           t11FcSpSaTransEncryptAlg specifies an algorithm with a
           fixed length key."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.5 and table 77."
    ::= { t11FcSpSaTransEntry 5 }
        
t11FcSpSaTransIntegrityAlg OBJECT-TYPE
    SYNTAX       AutonomousType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Integrity Algorithm for this transform."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.3 and tables 69 & 72."
    ::= { t11FcSpSaTransEntry 6 }
        
t11FcSpSaTransIntegrityAlg OBJECT-TYPE
    SYNTAX       AutonomousType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The Integrity Algorithm for this transform."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, section 6.3.2.3 and tables 69 & 72."
    ::= { t11FcSpSaTransEntry 6 }
        

t11FcSpSaTransStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the memory realization of the information in this row.

T11FCPSATransStorageType对象类型语法StorageType MAX-ACCESS读取创建状态当前描述“此对象指定此行中信息的内存实现。

Even if an instance of this object has the value

即使此对象的实例具有

           'permanent(4)', none of the information in its row
           needs to be writable."
    ::= { t11FcSpSaTransEntry 7 }
        
           'permanent(4)', none of the information in its row
           needs to be writable."
    ::= { t11FcSpSaTransEntry 7 }
        

t11FcSpSaTransRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row.

T11FCPSSATRANSROWSTATUS对象类型语法RowStatus MAX-ACCESS read create STATUS current DESCRIPTION“此行的状态。

           When an instance of t11FcSpSaPairTransListIndex points to
           a row in this table, values of object instances in the row
           cannot be modified nor can the row be deleted.  Otherwise,
           a row can be modified or deleted at any time."
    ::= { t11FcSpSaTransEntry 8 }
        
           When an instance of t11FcSpSaPairTransListIndex points to
           a row in this table, values of object instances in the row
           cannot be modified nor can the row be deleted.  Otherwise,
           a row can be modified or deleted at any time."
    ::= { t11FcSpSaTransEntry 8 }
        

-- -- Traffic Selectors for Drop & Bypass --

----用于下降和旁路的交通选择器--

t11FcSpSaTSelDrByTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTSelDrByEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing Traffic Selectors to select which
           traffic is to be dropped or is to bypass further
           security processing."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 4.6, 4.7, and 6.4.5.
            - Use of IKEv2 in FC-SP, RFC 4595,
              July 2006, section 4.4."
    ::= { t11FcSpSaConfig 4 }
        
t11FcSpSaTSelDrByTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTSelDrByEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing Traffic Selectors to select which
           traffic is to be dropped or is to bypass further
           security processing."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 4.6, 4.7, and 6.4.5.
            - Use of IKEv2 in FC-SP, RFC 4595,
              July 2006, section 4.4."
    ::= { t11FcSpSaConfig 4 }
        

t11FcSpSaTSelDrByEntry OBJECT-TYPE SYNTAX T11FcSpSaTSelDrByEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry represents one Traffic Selector having the security action of 'drop' or 'bypass', which is applied based on a precedence value, either to ingress traffic that is unprotected by FC-SP, or to all egress traffic on one or more interfaces (identified by t11FcSpSaIfIndex) to a particular Fabric (identified

T11FCPSTSELDRBYENTRY对象类型语法T11FCPSTSELDRBYENTRY MAX-ACCESS不可访问状态当前说明“每个条目表示一个具有“丢弃”或“绕过”安全操作的流量选择器,该安全操作基于优先级值应用于FC-SP未保护的入口流量,或应用于一个或多个接口(由T11FCPSSAIFINDEX标识)上的特定结构(已标识)的所有出口流量

by t11FcSpSaIfFabricIndex), and managed as part of the Fibre Channel management instance identified by fcmInstanceIndex.

由T11FCPSAIFFARICINDEX)管理,并作为fcmInstanceIndex标识的光纤通道管理实例的一部分进行管理。

           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaIfStorageType that is INDEX-ed
           by the same values of fcmInstanceIndex, t11FcSpSaIfIndex
           and t11FcSpSaIfFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex, t11FcSpSaIfFabricIndex,
             t11FcSpSaTSelDrByDirection, t11FcSpSaTSelDrByPrecedence }
    ::= { t11FcSpSaTSelDrByTable 1 }
        
           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaIfStorageType that is INDEX-ed
           by the same values of fcmInstanceIndex, t11FcSpSaIfIndex
           and t11FcSpSaIfFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex, t11FcSpSaIfFabricIndex,
             t11FcSpSaTSelDrByDirection, t11FcSpSaTSelDrByPrecedence }
    ::= { t11FcSpSaTSelDrByTable 1 }
        
T11FcSpSaTSelDrByEntry ::= SEQUENCE {
    t11FcSpSaTSelDrByDirection     T11FcSaDirection,
    t11FcSpSaTSelDrByPrecedence    T11FcSpPrecedence,
    t11FcSpSaTSelDrByAction        INTEGER,
    t11FcSpSaTSelDrByStartSrcAddr  FcAddressIdOrZero,
    t11FcSpSaTSelDrByEndSrcAddr    FcAddressIdOrZero,
    t11FcSpSaTSelDrByStartDstAddr  FcAddressIdOrZero,
    t11FcSpSaTSelDrByEndDstAddr    FcAddressIdOrZero,
    t11FcSpSaTSelDrByStartRCtl     T11FcRoutingControl,
    t11FcSpSaTSelDrByEndRCtl       T11FcRoutingControl,
    t11FcSpSaTSelDrByStartType     T11FcSpType,
    t11FcSpSaTSelDrByEndType       T11FcSpType,
    t11FcSpSaTSelDrByMatches       Counter64,
    t11FcSpSaTSelDrByRowStatus     RowStatus
}
        
T11FcSpSaTSelDrByEntry ::= SEQUENCE {
    t11FcSpSaTSelDrByDirection     T11FcSaDirection,
    t11FcSpSaTSelDrByPrecedence    T11FcSpPrecedence,
    t11FcSpSaTSelDrByAction        INTEGER,
    t11FcSpSaTSelDrByStartSrcAddr  FcAddressIdOrZero,
    t11FcSpSaTSelDrByEndSrcAddr    FcAddressIdOrZero,
    t11FcSpSaTSelDrByStartDstAddr  FcAddressIdOrZero,
    t11FcSpSaTSelDrByEndDstAddr    FcAddressIdOrZero,
    t11FcSpSaTSelDrByStartRCtl     T11FcRoutingControl,
    t11FcSpSaTSelDrByEndRCtl       T11FcRoutingControl,
    t11FcSpSaTSelDrByStartType     T11FcSpType,
    t11FcSpSaTSelDrByEndType       T11FcSpType,
    t11FcSpSaTSelDrByMatches       Counter64,
    t11FcSpSaTSelDrByRowStatus     RowStatus
}
        
t11FcSpSaTSelDrByDirection OBJECT-TYPE
    SYNTAX       T11FcSaDirection
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An indication of whether this Traffic Selector is
           for ingress or egress traffic."
    ::= { t11FcSpSaTSelDrByEntry 1 }
        
t11FcSpSaTSelDrByDirection OBJECT-TYPE
    SYNTAX       T11FcSaDirection
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An indication of whether this Traffic Selector is
           for ingress or egress traffic."
    ::= { t11FcSpSaTSelDrByEntry 1 }
        
t11FcSpSaTSelDrByPrecedence OBJECT-TYPE
    SYNTAX       T11FcSpPrecedence
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The precedence of this Traffic Selector.  If and when a
           frame is compared against multiple Traffic Selectors, and
           multiple of them have a match with the frame, the security
           action to be taken for the frame is that specified for the
           matching Traffic Selector having the numerically smallest
           precedence value."
    ::= { t11FcSpSaTSelDrByEntry 2 }
        
t11FcSpSaTSelDrByPrecedence OBJECT-TYPE
    SYNTAX       T11FcSpPrecedence
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The precedence of this Traffic Selector.  If and when a
           frame is compared against multiple Traffic Selectors, and
           multiple of them have a match with the frame, the security
           action to be taken for the frame is that specified for the
           matching Traffic Selector having the numerically smallest
           precedence value."
    ::= { t11FcSpSaTSelDrByEntry 2 }
        
t11FcSpSaTSelDrByAction OBJECT-TYPE
    SYNTAX       INTEGER { drop(1), bypass(2) }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The security action to be taken for a frame that
           matches this Traffic Selector."
    DEFVAL   { drop }
    ::= { t11FcSpSaTSelDrByEntry 3 }
        
t11FcSpSaTSelDrByAction OBJECT-TYPE
    SYNTAX       INTEGER { drop(1), bypass(2) }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The security action to be taken for a frame that
           matches this Traffic Selector."
    DEFVAL   { drop }
    ::= { t11FcSpSaTSelDrByEntry 3 }
        
t11FcSpSaTSelDrByStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelDrByEntry 4 }
        
t11FcSpSaTSelDrByStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelDrByEntry 4 }
        
t11FcSpSaTSelDrByEndSrcAddr  OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelDrByEntry 5 }
        
t11FcSpSaTSelDrByEndSrcAddr  OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelDrByEntry 5 }
        
t11FcSpSaTSelDrByStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelDrByEntry 6 }
        
t11FcSpSaTSelDrByStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    DEFVAL   { '000000'h }
    ::= { t11FcSpSaTSelDrByEntry 6 }
        

t11FcSpSaTSelDrByEndDstAddr OBJECT-TYPE SYNTAX FcAddressIdOrZero (SIZE (3)) MAX-ACCESS read-create STATUS current DESCRIPTION

T11FCPSTSATSELDRBYENDDSTADDR对象类型语法FcAddressIdOrZero(大小(3))最大访问读取创建状态当前说明

           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelDrByEntry 7 }
        
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    DEFVAL   { 'FFFFFF'h }
    ::= { t11FcSpSaTSelDrByEntry 7 }
        
t11FcSpSaTSelDrByStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    DEFVAL   { '00'h }
    ::= { t11FcSpSaTSelDrByEntry 8 }
        
t11FcSpSaTSelDrByStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    DEFVAL   { '00'h }
    ::= { t11FcSpSaTSelDrByEntry 8 }
        
t11FcSpSaTSelDrByEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    DEFVAL   { 'FF'h }
    ::= { t11FcSpSaTSelDrByEntry 9 }
        
t11FcSpSaTSelDrByEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    DEFVAL   { 'FF'h }
    ::= { t11FcSpSaTSelDrByEntry 9 }
        
t11FcSpSaTSelDrByStartType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    DEFVAL   { '0000'h }
    ::= { t11FcSpSaTSelDrByEntry 10 }
        
t11FcSpSaTSelDrByStartType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    DEFVAL   { '0000'h }
    ::= { t11FcSpSaTSelDrByEntry 10 }
        

t11FcSpSaTSelDrByEndType OBJECT-TYPE SYNTAX T11FcSpType MAX-ACCESS read-create STATUS current DESCRIPTION "The numerically largest of a range of possible 'type' values of frames that will match with this Traffic Selector." DEFVAL { 'FFFF'h }

t11FcSpSaTSelDrByEndType对象类型语法T11FCSPYPE MAX-ACCESS read create STATUS current DESCRIPTION“将与此流量选择器匹配的帧的可能“类型”值范围中数值最大的一个。”DEFVAL{'FFFF'h}

    ::= { t11FcSpSaTSelDrByEntry 11 }
        
    ::= { t11FcSpSaTSelDrByEntry 11 }
        

t11FcSpSaTSelDrByMatches OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of frames for which the action specified by the corresponding instance of t11FcSpSaTSelDrByAction was taken because of a match with this Traffic Selector.

T11FCPSTSETELDRBYMATCHES对象类型语法计数器64 MAX-ACCESS只读状态当前描述“由于与此流量选择器匹配而执行T11FCPSTSETELDRBYACTION相应实例指定的操作的帧数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaTSelDrByEntry 12 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaTSelDrByEntry 12 }
        
t11FcSpSaTSelDrByRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpSaTSelDrByEntry 13 }
        
t11FcSpSaTSelDrByRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this row.  Values of object instances
           within the row can be modified at any time."
    ::= { t11FcSpSaTSelDrByEntry 13 }
        

-- -- Active Security Associations --

----积极的安全协会--

t11FcSpSaPairTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaPairEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about active
           bidirectional pairs of Security Associations."
    ::= { t11FcSpSaActive 1 }
        
t11FcSpSaPairTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaPairEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about active
           bidirectional pairs of Security Associations."
    ::= { t11FcSpSaActive 1 }
        

t11FcSpSaPairEntry OBJECT-TYPE SYNTAX T11FcSpSaPairEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about one active bidirectional pair of Security Associations on an interface to a particular Fabric (identified by t11FcSpSaIfFabricIndex), managed as part of the Fibre Channel management instance identified by fcmInstanceIndex."

T11FCSSAPAIRRENTRY对象类型语法T11FCSSAPAIRRENTRY MAX-ACCESS not ACCESS STATUS current DESCRIPTION“每个条目都包含有关特定结构接口上的一对活动双向安全关联的信息(由T11FCSSASAFBRICINDEX标识),作为fcmInstanceIndex标识的光纤通道管理实例的一部分进行管理。”

    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex, t11FcSpSaPairInboundSpi }
    ::= { t11FcSpSaPairTable 1 }
        
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex, t11FcSpSaPairInboundSpi }
    ::= { t11FcSpSaPairTable 1 }
        
T11FcSpSaPairEntry ::= SEQUENCE {
    t11FcSpSaPairIfIndex           InterfaceIndex,
    t11FcSpSaPairInboundSpi        T11FcSpiIndex,
    t11FcSpSaPairSecurityProt      T11FcSpSecurityProtocolId,
    t11FcSpSaPairTransListIndex    Unsigned32,
    t11FcSpSaPairTransIndex        Unsigned32,
    t11FcSpSaPairLifetimeLeft      T11FcSpLifetimeLeft,
    t11FcSpSaPairLifetimeLeftUnits T11FcSpLifetimeLeftUnits,
    t11FcSpSaPairTerminate         INTEGER,
    t11FcSpSaPairInProtUnMatchs    Counter64,
    t11FcSpSaPairInDetReplays      Counter64,
    t11FcSpSaPairInBadXforms       Counter64,
    t11FcSpSaPairInGoodXforms      Counter64
}
        
T11FcSpSaPairEntry ::= SEQUENCE {
    t11FcSpSaPairIfIndex           InterfaceIndex,
    t11FcSpSaPairInboundSpi        T11FcSpiIndex,
    t11FcSpSaPairSecurityProt      T11FcSpSecurityProtocolId,
    t11FcSpSaPairTransListIndex    Unsigned32,
    t11FcSpSaPairTransIndex        Unsigned32,
    t11FcSpSaPairLifetimeLeft      T11FcSpLifetimeLeft,
    t11FcSpSaPairLifetimeLeftUnits T11FcSpLifetimeLeftUnits,
    t11FcSpSaPairTerminate         INTEGER,
    t11FcSpSaPairInProtUnMatchs    Counter64,
    t11FcSpSaPairInDetReplays      Counter64,
    t11FcSpSaPairInBadXforms       Counter64,
    t11FcSpSaPairInGoodXforms      Counter64
}
        
t11FcSpSaPairIfIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object identifies the interface to the particular
           Fabric on which this SA pair is active."
    ::= { t11FcSpSaPairEntry 1 }
        
t11FcSpSaPairIfIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object identifies the interface to the particular
           Fabric on which this SA pair is active."
    ::= { t11FcSpSaPairEntry 1 }
        
t11FcSpSaPairInboundSpi OBJECT-TYPE
    SYNTAX       T11FcSpiIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The SPI value that is used to indicate that an incoming
           frame was received on the ingress SA of this SA pair."
    ::= { t11FcSpSaPairEntry 2 }
        
t11FcSpSaPairInboundSpi OBJECT-TYPE
    SYNTAX       T11FcSpiIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The SPI value that is used to indicate that an incoming
           frame was received on the ingress SA of this SA pair."
    ::= { t11FcSpSaPairEntry 2 }
        
t11FcSpSaPairSecurityProt OBJECT-TYPE
    SYNTAX       T11FcSpSecurityProtocolId
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The object indicates whether this SA uses ESP_Header to
           protect FC-2 frames, or CT_Authentication to protect Common
           Transport Information Units (CT_IUs)."
    ::= { t11FcSpSaPairEntry 3 }
        
t11FcSpSaPairSecurityProt OBJECT-TYPE
    SYNTAX       T11FcSpSecurityProtocolId
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The object indicates whether this SA uses ESP_Header to
           protect FC-2 frames, or CT_Authentication to protect Common
           Transport Information Units (CT_IUs)."
    ::= { t11FcSpSaPairEntry 3 }
        

t11FcSpSaPairTransListIndex OBJECT-TYPE

T11FCPSAPAIRTRANSTINDEX对象类型

    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The combination of this value and the value of the
           corresponding instance of t11FcSpSaPairTransIndex
           identify the row in the t11FcSpSaTransTable that
           contains the transforms that are in use on this SA pair."
    ::= { t11FcSpSaPairEntry 4 }
        
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The combination of this value and the value of the
           corresponding instance of t11FcSpSaPairTransIndex
           identify the row in the t11FcSpSaTransTable that
           contains the transforms that are in use on this SA pair."
    ::= { t11FcSpSaPairEntry 4 }
        
t11FcSpSaPairTransIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The combination of this value and the value of the
           corresponding instance of t11FcSpSaPairTransListIndex
           identify the row in the t11FcSpSaTransTable that
           contains the transforms that are in use on this SA pair."
    ::= { t11FcSpSaPairEntry 5 }
        
t11FcSpSaPairTransIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The combination of this value and the value of the
           corresponding instance of t11FcSpSaPairTransListIndex
           identify the row in the t11FcSpSaTransTable that
           contains the transforms that are in use on this SA pair."
    ::= { t11FcSpSaPairEntry 5 }
        
t11FcSpSaPairLifetimeLeft OBJECT-TYPE
    SYNTAX       T11FcSpLifetimeLeft
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The remaining lifetime of this SA pair, given in the
           units specified by the value of the corresponding
           instance of t11FcSpSaPairLifetimeLeft."
    ::= { t11FcSpSaPairEntry 6 }
        
t11FcSpSaPairLifetimeLeft OBJECT-TYPE
    SYNTAX       T11FcSpLifetimeLeft
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The remaining lifetime of this SA pair, given in the
           units specified by the value of the corresponding
           instance of t11FcSpSaPairLifetimeLeft."
    ::= { t11FcSpSaPairEntry 6 }
        
t11FcSpSaPairLifetimeLeftUnits OBJECT-TYPE
    SYNTAX       T11FcSpLifetimeLeftUnits
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The units in which the value of the corresponding
           instance of t11FcSpSaPairLifetimeLeft specifies the
           remaining lifetime of this SA pair."
    ::= { t11FcSpSaPairEntry 7 }
        
t11FcSpSaPairLifetimeLeftUnits OBJECT-TYPE
    SYNTAX       T11FcSpLifetimeLeftUnits
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The units in which the value of the corresponding
           instance of t11FcSpSaPairLifetimeLeft specifies the
           remaining lifetime of this SA pair."
    ::= { t11FcSpSaPairEntry 7 }
        

t11FcSpSaPairTerminate OBJECT-TYPE SYNTAX INTEGER { noop(1), terminate(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to 'terminate' is a request to terminate this pair of Security Associations.

t11FcSpSaPairTerminate对象类型语法整数{noop(1),terminate(2)}MAX-ACCESS读写状态当前描述“将此对象设置为“terminate”是终止这对安全关联的请求。

           When read, the value of this object is always 'noop'.
           Setting this object to 'noop' has no effect."
    ::= { t11FcSpSaPairEntry 8 }
        
           When read, the value of this object is always 'noop'.
           Setting this object to 'noop' has no effect."
    ::= { t11FcSpSaPairEntry 8 }
        

t11FcSpSaPairInProtUnMatchs OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of frames received on this SA for which the SA's transforms were successfully applied to the frame, but the frame was still dropped because it did not match any of the SA's ingress Traffic Selectors.

T11FCSPSAPAIRINPROTUNMTCHS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“此SA上接收的帧数,SA的转换已成功应用于该帧,但该帧仍被丢弃,因为它与SA的任何入口流量选择器都不匹配。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 9 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 9 }
        

t11FcSpSaPairInDetReplays OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a replay has been detected on this Security Association. Note that a frame that is discarded because it is 'behind' the window, i.e., too old, is counted as a replay.

t11FcSpSaPairInDetReplays对象类型语法计数器64 MAX-ACCESS只读状态当前描述“在此安全关联上检测到重播的次数。请注意,由于帧“在”窗口后面(即太旧)而被丢弃的帧将计为重播。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 10 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 10 }
        

t11FcSpSaPairInBadXforms OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a received frame was dropped because one of the transforms negotiated for this Security Association failed.

T11FCPSAPAIRINBADXForms对象类型语法计数器64 MAX-ACCESS只读状态当前描述“由于为此安全关联协商的转换之一失败而丢弃接收帧的次数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 11 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 11 }
        

t11FcSpSaPairInGoodXforms OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only

T11FCPSAPAIRINGOODxforms对象类型语法计数器64 MAX-ACCESS只读

STATUS current DESCRIPTION "The number of received frames for which the transforms negotiated for this Security Association, were successfully applied.

STATUS current DESCRIPTION“成功应用为此安全关联协商的转换的接收帧数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 12 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaPairEntry 12 }
        

-- -- Negotiated Ingress Traffic Selectors --

----协商入口流量选择器--

t11FcSpSaTSelNegInTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTSelNegInEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about ingress Traffic
           Selectors that are in use on active Security
           Associations."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 4.6, 4.7, and 6.4.5.
            - Use of IKEv2 in FC-SP, RFC 4595,
              July 2006, section 4.4."
    ::= { t11FcSpSaActive 2 }
        
t11FcSpSaTSelNegInTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaTSelNegInEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about ingress Traffic
           Selectors that are in use on active Security
           Associations."
    REFERENCE
           "- ANSI INCITS 426-2007, T11/Project 1570-D,
              Fibre Channel - Security Protocols (FC-SP),
              February 2007, sections 4.6, 4.7, and 6.4.5.
            - Use of IKEv2 in FC-SP, RFC 4595,
              July 2006, section 4.4."
    ::= { t11FcSpSaActive 2 }
        
t11FcSpSaTSelNegInEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaTSelNegInEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one ingress Traffic
           Selector that is in use on an active Security Association
           on an interface (identified by t11FcSpSaPairIfIndex) to
           a particular Fabric (identified by t11FcSpSaIfFabricIndex),
           managed as part of the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex, t11FcSpSaTSelNegInIndex }
    ::= { t11FcSpSaTSelNegInTable 1 }
        
t11FcSpSaTSelNegInEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaTSelNegInEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one ingress Traffic
           Selector that is in use on an active Security Association
           on an interface (identified by t11FcSpSaPairIfIndex) to
           a particular Fabric (identified by t11FcSpSaIfFabricIndex),
           managed as part of the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex, t11FcSpSaTSelNegInIndex }
    ::= { t11FcSpSaTSelNegInTable 1 }
        
T11FcSpSaTSelNegInEntry ::= SEQUENCE {
    t11FcSpSaTSelNegInIndex         Unsigned32,
    t11FcSpSaTSelNegInInboundSpi    T11FcSpiIndex,
        
T11FcSpSaTSelNegInEntry ::= SEQUENCE {
    t11FcSpSaTSelNegInIndex         Unsigned32,
    t11FcSpSaTSelNegInInboundSpi    T11FcSpiIndex,
        

t11FcSpSaTSelNegInStartSrcAddr FcAddressIdOrZero, t11FcSpSaTSelNegInEndSrcAddr FcAddressIdOrZero, t11FcSpSaTSelNegInStartDstAddr FcAddressIdOrZero, t11FcSpSaTSelNegInEndDstAddr FcAddressIdOrZero, t11FcSpSaTSelNegInStartRCtl T11FcRoutingControl, t11FcSpSaTSelNegInEndRCtl T11FcRoutingControl, t11FcSpSaTSelNegInStartType T11FcSpType, t11FcSpSaTSelNegInEndType T11FcSpType, t11FcSpSaTSelNegInUnpMtchDrops Counter64 }

T11FCPSTATSELNEGANTSRCADDR FcAddressIdOrZero,T11FCPSTATSELNEGANTRSCADDR FcAddressIdOrZero,T11FCPSTATSELNEGANTDSTADDR FcAddressIdOrZero,T11FCPSTATSELNEGANTRCTL T11FCAddressIDorZero,T11FCPSTATSELNEGANTDRCTL T11FCAddressIDorZero,T11FCSSTADSTADTELNEGANTERTYPE,T11FCSPSATSELNEGINEDTYPE T11FcSpType,t11FcSpSaTSelNegInUnpMtchDrops计数器64}

t11FcSpSaTSelNegInIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value to distinguish an ingress Traffic Selector
           from all others currently in use by Security Associations
           on the same interface to a particular Fabric."
    ::= { t11FcSpSaTSelNegInEntry 1 }
        
t11FcSpSaTSelNegInIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value to distinguish an ingress Traffic Selector
           from all others currently in use by Security Associations
           on the same interface to a particular Fabric."
    ::= { t11FcSpSaTSelNegInEntry 1 }
        

t11FcSpSaTSelNegInInboundSpi OBJECT-TYPE SYNTAX T11FcSpiIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The SPI of the ingress SA on which this Traffic Selector is in use.

t11FcSpSaTSelNegInInboundSpi对象类型语法T11FcSpiIndex MAX-ACCESS只读状态当前描述“正在使用此流量选择器的入口SA的SPI。

           This value can be used to find the SA pair's row in the
           t11FcSpSaPairTable."
    ::= { t11FcSpSaTSelNegInEntry 2 }
        
           This value can be used to find the SA pair's row in the
           t11FcSpSaPairTable."
    ::= { t11FcSpSaTSelNegInEntry 2 }
        
t11FcSpSaTSelNegInStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 3 }
        
t11FcSpSaTSelNegInStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 3 }
        

t11FcSpSaTSelNegInEndSrcAddr OBJECT-TYPE SYNTAX FcAddressIdOrZero (SIZE (3)) MAX-ACCESS read-only STATUS current DESCRIPTION

t11FcSpSaTSelNegInEndSrcAddr对象类型语法FcAddressIdOrZero(大小(3))最大访问只读状态当前说明

           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 4 }
        
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 4 }
        
t11FcSpSaTSelNegInStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 5 }
        
t11FcSpSaTSelNegInStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 5 }
        
t11FcSpSaTSelNegInEndDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 6 }
        
t11FcSpSaTSelNegInEndDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 6 }
        
t11FcSpSaTSelNegInStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 7 }
        
t11FcSpSaTSelNegInStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 7 }
        
t11FcSpSaTSelNegInEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 8 }
        
t11FcSpSaTSelNegInEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegInEntry 8 }
        

t11FcSpSaTSelNegInStartType OBJECT-TYPE SYNTAX T11FcSpType MAX-ACCESS read-only

T11FCSPSATELNEGSTARTTYPE对象类型语法T11FcSpType MAX-ACCESS只读

    STATUS       current
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 9 }
        
    STATUS       current
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 9 }
        
t11FcSpSaTSelNegInEndType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 10 }
        
t11FcSpSaTSelNegInEndType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegInEntry 10 }
        

t11FcSpSaTSelNegInUnpMtchDrops OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that a received frame was dropped because it matched with this Traffic Selector but the frame was not protected as negotiated for the Security Association identified by t11FcSpSaTSelNegInInboundSpi.

T11FCPSSATSELNEGINUNPMTCHDROPS对象类型语法计数器64 MAX-ACCESS只读状态当前描述“由于接收到的帧与此流量选择器匹配,但该帧未按照T11FCPSSATSELNEGININBOUNDSPI标识的安全关联协商的方式进行保护而丢弃的次数。

           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaTSelNegInEntry 11 }
        
           This counter has no discontinuities other than those
           that all Counter64's have when sysUpTime=0."
    ::= { t11FcSpSaTSelNegInEntry 11 }
        

-- -- Negotiated Egress Traffic Selectors --

----协商出口流量选择器--

t11FcSpSaTSelNegOutTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpSaTSelNegOutEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about egress Traffic Selectors that are in use on active Security Associations." REFERENCE "- ANSI INCITS 426-2007, T11/Project 1570-D, Fibre Channel - Security Protocols (FC-SP), February 2007, sections 4.6, 4.7, and 6.4.5. - Use of IKEv2 in FC-SP, RFC 4595,

T11FCPSTSELNEGOUTABLE T11FCPSTSELNEGOUTERY MAX-ACCESS的对象类型语法序列不可访问状态当前描述“包含有关活动安全关联上使用的出口流量选择器的信息的表。”参考”-ANSI INCITS 426-2007,T11/Project 1570-D,光纤通道-安全协议(FC-SP),2007年2月,第4.6、4.7和6.4.5节-在FC-SP、RFC 4595中使用IKEv2,

              July 2006, section 4.4."
    ::= { t11FcSpSaActive 3 }
        
              July 2006, section 4.4."
    ::= { t11FcSpSaActive 3 }
        
t11FcSpSaTSelNegOutEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaTSelNegOutEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one egress Traffic
           Selector that is in use on an active Security Association
           on an interface (identified by t11FcSpSaPairIfIndex) to
           a particular Fabric (identified by t11FcSpSaIfFabricIndex),
           managed as part of the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex, t11FcSpSaTSelNegOutPrecedence }
    ::= { t11FcSpSaTSelNegOutTable 1 }
        
t11FcSpSaTSelNegOutEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaTSelNegOutEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about one egress Traffic
           Selector that is in use on an active Security Association
           on an interface (identified by t11FcSpSaPairIfIndex) to
           a particular Fabric (identified by t11FcSpSaIfFabricIndex),
           managed as part of the Fibre Channel management instance
           identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex, t11FcSpSaTSelNegOutPrecedence }
    ::= { t11FcSpSaTSelNegOutTable 1 }
        
T11FcSpSaTSelNegOutEntry ::= SEQUENCE {
    t11FcSpSaTSelNegOutPrecedence     T11FcSpPrecedence,
    t11FcSpSaTSelNegOutInboundSpi     T11FcSpiIndex,
    t11FcSpSaTSelNegOutStartSrcAddr   FcAddressIdOrZero,
    t11FcSpSaTSelNegOutEndSrcAddr     FcAddressIdOrZero,
    t11FcSpSaTSelNegOutStartDstAddr   FcAddressIdOrZero,
    t11FcSpSaTSelNegOutEndDstAddr     FcAddressIdOrZero,
    t11FcSpSaTSelNegOutStartRCtl      T11FcRoutingControl,
    t11FcSpSaTSelNegOutEndRCtl        T11FcRoutingControl,
    t11FcSpSaTSelNegOutStartType      T11FcSpType,
    t11FcSpSaTSelNegOutEndType        T11FcSpType
}
        
T11FcSpSaTSelNegOutEntry ::= SEQUENCE {
    t11FcSpSaTSelNegOutPrecedence     T11FcSpPrecedence,
    t11FcSpSaTSelNegOutInboundSpi     T11FcSpiIndex,
    t11FcSpSaTSelNegOutStartSrcAddr   FcAddressIdOrZero,
    t11FcSpSaTSelNegOutEndSrcAddr     FcAddressIdOrZero,
    t11FcSpSaTSelNegOutStartDstAddr   FcAddressIdOrZero,
    t11FcSpSaTSelNegOutEndDstAddr     FcAddressIdOrZero,
    t11FcSpSaTSelNegOutStartRCtl      T11FcRoutingControl,
    t11FcSpSaTSelNegOutEndRCtl        T11FcRoutingControl,
    t11FcSpSaTSelNegOutStartType      T11FcSpType,
    t11FcSpSaTSelNegOutEndType        T11FcSpType
}
        
t11FcSpSaTSelNegOutPrecedence OBJECT-TYPE
    SYNTAX       T11FcSpPrecedence
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The precedence of this Traffic Selector.  If and when a
           frame is compared against multiple Traffic Selectors, and
           multiple of them have a match with the frame, the security
           action to be taken for the frame is that specified for the
           matching Traffic Selector having the numerically smallest
           precedence value."
    ::= { t11FcSpSaTSelNegOutEntry 1 }
        
t11FcSpSaTSelNegOutPrecedence OBJECT-TYPE
    SYNTAX       T11FcSpPrecedence
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The precedence of this Traffic Selector.  If and when a
           frame is compared against multiple Traffic Selectors, and
           multiple of them have a match with the frame, the security
           action to be taken for the frame is that specified for the
           matching Traffic Selector having the numerically smallest
           precedence value."
    ::= { t11FcSpSaTSelNegOutEntry 1 }
        

t11FcSpSaTSelNegOutInboundSpi OBJECT-TYPE SYNTAX T11FcSpiIndex MAX-ACCESS read-only STATUS current

t11FcSpSaTSelNegOutInboundSpi对象类型语法T11FcSpiIndex MAX-ACCESS只读状态当前

DESCRIPTION "The SPI of the ingress SA of the SA pair for which this Traffic Selector is in use on the egress SA.

DESCRIPTION“在出口SA上使用此流量选择器的SA对的入口SA的SPI。

           This value can be used to find the SA pair's row in the
           t11FcSpSaPairTable."
    ::= { t11FcSpSaTSelNegOutEntry 2 }
        
           This value can be used to find the SA pair's row in the
           t11FcSpSaPairTable."
    ::= { t11FcSpSaTSelNegOutEntry 2 }
        
t11FcSpSaTSelNegOutStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 3 }
        
t11FcSpSaTSelNegOutStartSrcAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 3 }
        
t11FcSpSaTSelNegOutEndSrcAddr  OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 4 }
        
t11FcSpSaTSelNegOutEndSrcAddr  OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a source address
           (S_ID) of a frame that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 4 }
        
t11FcSpSaTSelNegOutStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 5 }
        
t11FcSpSaTSelNegOutStartDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 5 }
        
t11FcSpSaTSelNegOutEndDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 6 }
        
t11FcSpSaTSelNegOutEndDstAddr OBJECT-TYPE
    SYNTAX       FcAddressIdOrZero (SIZE (3))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 24-bit value of a destination
           address (D_ID) of a frame that will match with this
           Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 6 }
        
t11FcSpSaTSelNegOutStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 7 }
        
t11FcSpSaTSelNegOutStartRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 7 }
        
t11FcSpSaTSelNegOutEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 8 }
        
t11FcSpSaTSelNegOutEndRCtl OBJECT-TYPE
    SYNTAX       T11FcRoutingControl
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest 8-bit value contained within a
           Routing Control (R_CTL) field of a frame that will match
           with this Traffic Selector."
    ::= { t11FcSpSaTSelNegOutEntry 8 }
        
t11FcSpSaTSelNegOutStartType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 9 }
        
t11FcSpSaTSelNegOutStartType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically smallest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 9 }
        
t11FcSpSaTSelNegOutEndType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 10 }
        
t11FcSpSaTSelNegOutEndType OBJECT-TYPE
    SYNTAX       T11FcSpType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The numerically largest of a range of possible 'type'
           values of frames that will match with this Traffic
           Selector."
    ::= { t11FcSpSaTSelNegOutEntry 10 }
        

-- -- Traffic Selectors index-ed by SPI --

----由SPI编制的流量选择器索引--

t11FcSpSaTSelSpiTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcSpSaTSelSpiEntry MAX-ACCESS not-accessible STATUS current

T11FCPSSATSELSPINTRY MAX-ACCESS的T11FCPSSATSELSPITABLE对象类型语法序列不可访问状态当前

    DESCRIPTION
           "A table identifying the Traffic Selectors in use on
           particular Security Associations, INDEX-ed by their
           (ingress) SPI values."
    ::= { t11FcSpSaActive 4 }
        
    DESCRIPTION
           "A table identifying the Traffic Selectors in use on
           particular Security Associations, INDEX-ed by their
           (ingress) SPI values."
    ::= { t11FcSpSaActive 4 }
        
t11FcSpSaTSelSpiEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaTSelSpiEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry identifies one Traffic Selector in use on an SA
           pair on the interface (identified by t11FcSpSaPairIfIndex)
           to a particular Fabric (identified by
           t11FcSpSaIfFabricIndex), and managed as part of the Fibre
           Channel management instance identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex,
             t11FcSpSaTSelSpiInboundSpi, t11FcSpSaTSelSpiTrafSelIndex }
    ::= { t11FcSpSaTSelSpiTable 1 }
        
t11FcSpSaTSelSpiEntry OBJECT-TYPE
    SYNTAX       T11FcSpSaTSelSpiEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry identifies one Traffic Selector in use on an SA
           pair on the interface (identified by t11FcSpSaPairIfIndex)
           to a particular Fabric (identified by
           t11FcSpSaIfFabricIndex), and managed as part of the Fibre
           Channel management instance identified by fcmInstanceIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaPairIfIndex,
             t11FcSpSaIfFabricIndex,
             t11FcSpSaTSelSpiInboundSpi, t11FcSpSaTSelSpiTrafSelIndex }
    ::= { t11FcSpSaTSelSpiTable 1 }
        
T11FcSpSaTSelSpiEntry ::= SEQUENCE {
    t11FcSpSaTSelSpiInboundSpi     T11FcSpiIndex,
    t11FcSpSaTSelSpiTrafSelIndex   Unsigned32,
    t11FcSpSaTSelSpiDirection      T11FcSaDirection,
    t11FcSpSaTSelSpiTrafSelPtr     Unsigned32
}
        
T11FcSpSaTSelSpiEntry ::= SEQUENCE {
    t11FcSpSaTSelSpiInboundSpi     T11FcSpiIndex,
    t11FcSpSaTSelSpiTrafSelIndex   Unsigned32,
    t11FcSpSaTSelSpiDirection      T11FcSaDirection,
    t11FcSpSaTSelSpiTrafSelPtr     Unsigned32
}
        
t11FcSpSaTSelSpiInboundSpi OBJECT-TYPE
    SYNTAX       T11FcSpiIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An SPI value that identifies the ingress Security
           Association of a particular SA pair."
    ::= { t11FcSpSaTSelSpiEntry 1 }
        
t11FcSpSaTSelSpiInboundSpi OBJECT-TYPE
    SYNTAX       T11FcSpiIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An SPI value that identifies the ingress Security
           Association of a particular SA pair."
    ::= { t11FcSpSaTSelSpiEntry 1 }
        
t11FcSpSaTSelSpiTrafSelIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that distinguishes between the
           (potentially multiple) Traffic Selectors in use on
           this Security Association pair."
    ::= { t11FcSpSaTSelSpiEntry 2 }
        
t11FcSpSaTSelSpiTrafSelIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that distinguishes between the
           (potentially multiple) Traffic Selectors in use on
           this Security Association pair."
    ::= { t11FcSpSaTSelSpiEntry 2 }
        

t11FcSpSaTSelSpiDirection OBJECT-TYPE

T11FCSP卫星方向对象类型

    SYNTAX       T11FcSaDirection
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates whether this Traffic Selector
           is being used for ingress or for egress traffic."
    ::= { t11FcSpSaTSelSpiEntry 3 }
        
    SYNTAX       T11FcSaDirection
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates whether this Traffic Selector
           is being used for ingress or for egress traffic."
    ::= { t11FcSpSaTSelSpiEntry 3 }
        

t11FcSpSaTSelSpiTrafSelPtr OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object contains a pointer into another table that can be used to obtain more information about this Traffic Selector.

T11FCPSSATSELSPITRAFSELPTR对象类型语法Unsigned32 MAX-ACCESS只读状态当前描述“此对象包含指向另一个表的指针,可用于获取有关此流量选择器的详细信息。

If the corresponding instance of t11FcSpSaTSelSpiDirection has the value 'egress', then this object contains the value of t11FcSpSaTSelNegOutPrecedence in the row of t11FcSpSaTSelNegOutTable, which contains more information.

如果T11FCSSATSELSPIDirection的对应实例的值为“出口”,则此对象在T11FCSSATSELNEGOUTTABLE的行中包含T11FCSSATSELNEGOUTRECESS的值,该行包含更多信息。

           If the corresponding instance of t11FcSpSaTSelSpiDirection
           has the value 'ingress', then this object contains the
           value of t11FcSpSaTSelNegInIndex that identifies the row
           in t11FcSpSaTSelNegInTable containing more information."
    ::= { t11FcSpSaTSelSpiEntry 4 }
        
           If the corresponding instance of t11FcSpSaTSelSpiDirection
           has the value 'ingress', then this object contains the
           value of t11FcSpSaTSelNegInIndex that identifies the row
           in t11FcSpSaTSelNegInTable containing more information."
    ::= { t11FcSpSaTSelSpiEntry 4 }
        

-- -- Notification information & control --

----通知信息和控制--

t11FcSpSaControlTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control and other information concerning
           the generation of notifications for events related
           to FC-SP Security Associations."
    ::= { t11FcSpSaControl 1 }
        
t11FcSpSaControlTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FcSpSaControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control and other information concerning
           the generation of notifications for events related
           to FC-SP Security Associations."
    ::= { t11FcSpSaControl 1 }
        

t11FcSpSaControlEntry OBJECT-TYPE SYNTAX T11FcSpSaControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry identifies information for the one or more

T11FCPSAControlentry对象类型语法T11FCPSAControlentry MAX-ACCESS不可访问状态当前描述“每个条目标识一个或多个

interfaces (identified by t11FcSpSaIfIndex) to a particular Fabric (identified by t11FcSpSaIfFabricIndex), and managed as part of the Fibre Channel management instance identified by fcmInstanceIndex.

接口(由T11FCPSSAIFINDEX标识)到特定结构(由T11FCPSSAIFABRICINDEX标识),并作为fcmInstanceIndex标识的光纤通道管理实例的一部分进行管理。

           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaIfStorageType that is INDEX-ed
           by the same values of fcmInstanceIndex, t11FcSpSaIfIndex,
           and t11FcSpSaIfFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaIfFabricIndex }
    ::= { t11FcSpSaControlTable 1 }
        
           The StorageType of a row in this table is specified by
           the instance of t11FcSpSaIfStorageType that is INDEX-ed
           by the same values of fcmInstanceIndex, t11FcSpSaIfIndex,
           and t11FcSpSaIfFabricIndex."
    INDEX  { fcmInstanceIndex, t11FcSpSaIfIndex,
             t11FcSpSaIfFabricIndex }
    ::= { t11FcSpSaControlTable 1 }
        
T11FcSpSaControlEntry ::= SEQUENCE {
    t11FcSpSaControlAuthFailEnable  TruthValue,
    t11FcSpSaControlInboundSpi      T11FcSpiIndex,
    t11FcSpSaControlSource          FcAddressIdOrZero,
    t11FcSpSaControlDestination     FcAddressIdOrZero,
    t11FcSpSaControlFrame           OCTET STRING,
    t11FcSpSaControlElapsed         TimeTicks,
    t11FcSpSaControlSuppressed      Gauge32,
    t11FcSpSaControlWindow          Unsigned32,
    t11FcSpSaControlMaxNotifs       Unsigned32,
    t11FcSpSaControlLifeExcdEnable  TruthValue,
    t11FcSpSaControlLifeExcdSpi     T11FcSpiIndex,
    t11FcSpSaControlLifeExcdDir     T11FcSaDirection,
    t11FcSpSaControlLifeExcdTime    TimeStamp
}
        
T11FcSpSaControlEntry ::= SEQUENCE {
    t11FcSpSaControlAuthFailEnable  TruthValue,
    t11FcSpSaControlInboundSpi      T11FcSpiIndex,
    t11FcSpSaControlSource          FcAddressIdOrZero,
    t11FcSpSaControlDestination     FcAddressIdOrZero,
    t11FcSpSaControlFrame           OCTET STRING,
    t11FcSpSaControlElapsed         TimeTicks,
    t11FcSpSaControlSuppressed      Gauge32,
    t11FcSpSaControlWindow          Unsigned32,
    t11FcSpSaControlMaxNotifs       Unsigned32,
    t11FcSpSaControlLifeExcdEnable  TruthValue,
    t11FcSpSaControlLifeExcdSpi     T11FcSpiIndex,
    t11FcSpSaControlLifeExcdDir     T11FcSaDirection,
    t11FcSpSaControlLifeExcdTime    TimeStamp
}
        
t11FcSpSaControlAuthFailEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether a t11FcSpSaNotifyAuthFailure
           notification should be generated for the first occurrence
           of an Authentication failure within a time window for this
           Fabric."
    ::= { t11FcSpSaControlEntry 1 }
        
t11FcSpSaControlAuthFailEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether a t11FcSpSaNotifyAuthFailure
           notification should be generated for the first occurrence
           of an Authentication failure within a time window for this
           Fabric."
    ::= { t11FcSpSaControlEntry 1 }
        

t11FcSpSaControlInboundSpi OBJECT-TYPE SYNTAX T11FcSpiIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The SPI value of the ingress Security Association on which was received the last frame for which a t11FcSpSaNotifyAuthFailure was generated.

T11FCSPASCONTROLINBOUNDSPI对象类型语法T11FcSpiIndex MAX-ACCESS只读状态当前描述“入口安全关联的SPI值,在该关联上接收到生成t11FcSpSaNotifyAuthFailure的最后一帧。

           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is zero."
    ::= { t11FcSpSaControlEntry 2 }
        
           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is zero."
    ::= { t11FcSpSaControlEntry 2 }
        

t11FcSpSaControlSource OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "The S_ID contained in the last frame for which a t11FcSpSaNotifyAuthFailure was generated.

T11FCPSASCONTROLSOURCE对象类型语法FcAddressIdOrZero MAX-ACCESS只读状态当前描述“为其生成T11FCPSSANOTIFYAUTHFAILURE的最后一帧中包含的S_ID。

           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is the
           zero-length string."
    ::= { t11FcSpSaControlEntry 3 }
        
           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is the
           zero-length string."
    ::= { t11FcSpSaControlEntry 3 }
        

t11FcSpSaControlDestination OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "The D_ID contained in the last frame for which a t11FcSpSaNotifyAuthFailure was generated.

T11FCPSSAControlDestination对象类型语法FcAddressIdOrZero MAX-ACCESS只读状态当前描述“为其生成T11FCPSSANotifyAuthFailure的最后一帧中包含的数据单元ID。

           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is the
           zero-length string."
    ::= { t11FcSpSaControlEntry 4 }
        
           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is the
           zero-length string."
    ::= { t11FcSpSaControlEntry 4 }
        

t11FcSpSaControlFrame OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..256)) MAX-ACCESS read-only STATUS current DESCRIPTION "The binary content of the last frame for which a t11FcSpSaNotifyAuthFailure was generated. If more than 256 bytes of the frame are available, then this object contains the first 256 bytes. If less than 256 bytes of the frame are available, then this object contains the first N bytes, where N is greater or equal to zero.

T11FCPSAControlFrame对象类型语法八位字节字符串(大小(0..256))最大访问只读状态当前说明“为其生成T11FCPSSANOTIFYAUTHFAILURE的最后一帧的二进制内容。如果帧的可用字节数超过256个,则此对象包含前256个字节。如果可用的帧少于256字节,则此对象包含前N个字节,其中N大于或等于零。

           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is the
           zero-length string."
    ::= { t11FcSpSaControlEntry 5 }
        
           If no t11FcSpSaNotifyAuthFailure notifications have
           been generated, the value of this object is the
           zero-length string."
    ::= { t11FcSpSaControlEntry 5 }
        

t11FcSpSaControlElapsed OBJECT-TYPE

T11FCPSA控制失效对象类型

    SYNTAX       TimeTicks
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The elapsed time since the last generation of a
           t11FcSpSaNotifyAuthFailure notification on the same
           Fabric, or the value of sysUpTime if no
           t11FcSpSaNotifyAuthFailure notifications have been
           generated since the last restart."
    ::= { t11FcSpSaControlEntry 6 }
        
    SYNTAX       TimeTicks
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The elapsed time since the last generation of a
           t11FcSpSaNotifyAuthFailure notification on the same
           Fabric, or the value of sysUpTime if no
           t11FcSpSaNotifyAuthFailure notifications have been
           generated since the last restart."
    ::= { t11FcSpSaControlEntry 6 }
        

t11FcSpSaControlSuppressed OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of occurrences of an Authentication failure on a Fabric that were suppressed because they occurred on the same Fabric within the same time window as a previous Authentication failure for which a t11FcSpSaNotifyAuthFailure notification was generated.

T11FCPSA控制抑制的对象类型语法量表32 MAX-ACCESS只读状态当前说明“由于身份验证失败发生在与上次身份验证失败相同的时间窗口内的同一个结构上而被抑制的身份验证失败的发生次数,上次身份验证失败生成了T11FCPSSANOTIFYAUTHFAILURE通知。

           The value of this object is reset to zero on a restart
           of the network management subsystem, and whenever a
           t11FcSpSaNotifyAuthFailure notification is generated.
           In the event that the value of this object reaches its
           maximum value, it remains at that value until it is
           reset on the generation of the next
           t11FcSpSaNotifyAuthFailure notification."
    ::= { t11FcSpSaControlEntry 7 }
        
           The value of this object is reset to zero on a restart
           of the network management subsystem, and whenever a
           t11FcSpSaNotifyAuthFailure notification is generated.
           In the event that the value of this object reaches its
           maximum value, it remains at that value until it is
           reset on the generation of the next
           t11FcSpSaNotifyAuthFailure notification."
    ::= { t11FcSpSaControlEntry 7 }
        

t11FcSpSaControlWindow OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The length of a time window that begins when a t11FcSpSaNotifyAuthFailure notification is generated for any Security Association on a particular Fabric. For the duration of the time window, further Authentication failures occurring for the same Security Association are counted but no t11FcSpSaNotifyAuthFailure notification is generated.

t11FcSpSaControlWindow OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The length of a time window that begins when a t11FcSpSaNotifyAuthFailure notification is generated for any Security Association on a particular Fabric. For the duration of the time window, further Authentication failures occurring for the same Security Association are counted but no t11FcSpSaNotifyAuthFailure notification is generated.translate error, please retry

When this object is modified before the end of a time window, that time window is immediately terminated, i.e., the next Authentication failure on the relevant Fabric after the modification will cause a new time window to

当在时间窗口结束之前修改此对象时,该时间窗口将立即终止,即,修改后相关结构上的下一次身份验证失败将导致新的时间窗口终止

           begin with the new length."
    DEFVAL   { 300 }
    ::= { t11FcSpSaControlEntry 8 }
        
           begin with the new length."
    DEFVAL   { 300 }
    ::= { t11FcSpSaControlEntry 8 }
        

t11FcSpSaControlMaxNotifs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of t11FcSpSaNotifyAuthFailure notifications to be generated per Fabric within a t11FcSpSaControlWindow time window. Subsequent Authentication failures occurring on the same Fabric in the same time window are counted, but no t11FcSpSaNotifyAuthFailure notification is generated.

T11FCPSAControlMaxNotifs对象类型语法Unsigned32 MAX-ACCESS读写状态当前说明“在T11FCPSASCONTROLWINDOWS时间窗口内,每个结构生成的T11FCPSSANOTIFYAUTHFAILURE通知的最大数量。统计在同一时间窗口内同一结构上发生的后续身份验证失败,但不生成T11FCPSSANOTIFYAUTHFAILURE通知。

           When this object is modified before the end of a time
           window, that time window is immediately terminated, i.e.,
           the next Authentication failure on the relevant Fabric
           after the modification will cause a new time window to
           begin with the new length."
    DEFVAL   { 16 }
    ::= { t11FcSpSaControlEntry 9 }
        
           When this object is modified before the end of a time
           window, that time window is immediately terminated, i.e.,
           the next Authentication failure on the relevant Fabric
           after the modification will cause a new time window to
           begin with the new length."
    DEFVAL   { 16 }
    ::= { t11FcSpSaControlEntry 9 }
        
t11FcSpSaControlLifeExcdEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11FcSpSaNotifyLifeExceeded
           notifications should be generated for this Fabric."
    DEFVAL   { true }
    ::= { t11FcSpSaControlEntry 10 }
        
t11FcSpSaControlLifeExcdEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11FcSpSaNotifyLifeExceeded
           notifications should be generated for this Fabric."
    DEFVAL   { true }
    ::= { t11FcSpSaControlEntry 10 }
        
t11FcSpSaControlLifeExcdSpi OBJECT-TYPE
    SYNTAX       T11FcSpiIndex
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The SPI of the SA that was most recently terminated
           because its lifetime (in seconds or in passed bytes)
           was exceeded.  Such terminations include those due to
           a failed attempt to renew an SA after its lifetime was
           exceeded."
    ::= { t11FcSpSaControlEntry 11 }
        
t11FcSpSaControlLifeExcdSpi OBJECT-TYPE
    SYNTAX       T11FcSpiIndex
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The SPI of the SA that was most recently terminated
           because its lifetime (in seconds or in passed bytes)
           was exceeded.  Such terminations include those due to
           a failed attempt to renew an SA after its lifetime was
           exceeded."
    ::= { t11FcSpSaControlEntry 11 }
        

t11FcSpSaControlLifeExcdDir OBJECT-TYPE SYNTAX T11FcSaDirection

T11FCPSASCONTROLLIFEEXCDDIR对象类型语法T11FcSaDirection

    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The direction of frame transmission on the SA that was
           most recently terminated because its lifetime (in seconds
           or in passed bytes) was exceeded."
    ::= { t11FcSpSaControlEntry 12 }
        
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The direction of frame transmission on the SA that was
           most recently terminated because its lifetime (in seconds
           or in passed bytes) was exceeded."
    ::= { t11FcSpSaControlEntry 12 }
        
t11FcSpSaControlLifeExcdTime OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The time of the most recent termination of an SA
           due to its lifetime (in seconds or in passed bytes)
           being exceeded.  Such terminations include those
           due to a failed attempt to renew an SA after its
           lifetime was exceeded."
    ::= { t11FcSpSaControlEntry 13 }
        
t11FcSpSaControlLifeExcdTime OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The time of the most recent termination of an SA
           due to its lifetime (in seconds or in passed bytes)
           being exceeded.  Such terminations include those
           due to a failed attempt to renew an SA after its
           lifetime was exceeded."
    ::= { t11FcSpSaControlEntry 13 }
        

-- -- Notification definitions --

----通知定义--

t11FcSpSaNotifyAuthFailure NOTIFICATION-TYPE OBJECTS { t11FcSpSaControlInboundSpi, t11FcSpSaControlSource, t11FcSpSaControlDestination, t11FcSpSaControlFrame, t11FcSpSaControlElapsed, t11FcSpSaControlSuppressed } STATUS current DESCRIPTION "When this notification is generated, it indicates the occurrence of an Authentication failure for a received FC-2 or CT_IU frame. The t11FcSpSaControlInboundSpi, t11FcSpSaControlSource, and t11FcSpSaControlDestination objects in the varbindlist are the frame's SPI, source and destination addresses, respectively. t11FcSpSaControlFrame provides the (beginning of the) frame's content if such is available.

T11FCPSSANOTIFYAUTHFAILURE通知类型对象{T11FCPSAControlinboundSPI,T11FCPSAControlSource,T11FCPSAControlDestination,T11FCPSAControlFrame,T11FCPSAControlepersed,T11FCPSAControlsupprested}状态当前说明“生成此通知时,表示接收到的FC-2或CT_IU帧发生身份验证失败。varbindlist中的t11fcssacontrolibundspi、t11fcssacontrolsource和t11fcssacontroldestination对象分别是帧的SPI、源和目标地址。T11FCPSASCONTROLFRAME提供框架内容(如果可用)的开头。

This notification is generated only for the first occurrence of an Authentication failure on a Fabric within a time window. Subsequent occurrences of an Authentication Failure on the same Fabric within the same time window are counted but suppressed.

仅当在一个时间窗口内结构上首次出现身份验证失败时,才会生成此通知。在同一时间窗口内,同一结构上随后发生的身份验证失败会被计数,但会被抑制。

           The value of t11FcSpSaControlElapsed contains (a lower bound
           on) the elapsed time since the last generation of this
           notification for the same Fabric.  The value of
           t11FcSpSaControlSuppressed contains the number of
           generations which were suppressed in the time window after
           that last generation, or zero if unknown."
    ::= { t11FcSpSaMIBNotifications 1 }
        
           The value of t11FcSpSaControlElapsed contains (a lower bound
           on) the elapsed time since the last generation of this
           notification for the same Fabric.  The value of
           t11FcSpSaControlSuppressed contains the number of
           generations which were suppressed in the time window after
           that last generation, or zero if unknown."
    ::= { t11FcSpSaMIBNotifications 1 }
        
t11FcSpSaNotifyLifeExceeded NOTIFICATION-TYPE
    OBJECTS      { t11FcSpSaControlLifeExcdSpi,
                   t11FcSpSaControlLifeExcdDir }
    STATUS       current
    DESCRIPTION
           "This notification is generated when the lifetime (in
           seconds or in passed bytes) of an SA is exceeded, and the
           SA is either immediately terminated or is terminated
           because an attempt to renew the SA fails.  The values of
           t11FcSpSaControlLifeExcdSpi and t11FcSpSaControlLifeExcdDir
           contain the SPI and direction of the terminated SA."
    ::= { t11FcSpSaMIBNotifications 2 }
        
t11FcSpSaNotifyLifeExceeded NOTIFICATION-TYPE
    OBJECTS      { t11FcSpSaControlLifeExcdSpi,
                   t11FcSpSaControlLifeExcdDir }
    STATUS       current
    DESCRIPTION
           "This notification is generated when the lifetime (in
           seconds or in passed bytes) of an SA is exceeded, and the
           SA is either immediately terminated or is terminated
           because an attempt to renew the SA fails.  The values of
           t11FcSpSaControlLifeExcdSpi and t11FcSpSaControlLifeExcdDir
           contain the SPI and direction of the terminated SA."
    ::= { t11FcSpSaMIBNotifications 2 }
        

-- -- Conformance --

----一致性--

t11FcSpSaMIBCompliances
                    OBJECT IDENTIFIER ::= { t11FcSpSaMIBConformance 1 }
t11FcSpSaMIBGroups  OBJECT IDENTIFIER ::= { t11FcSpSaMIBConformance 2 }
        
t11FcSpSaMIBCompliances
                    OBJECT IDENTIFIER ::= { t11FcSpSaMIBConformance 1 }
t11FcSpSaMIBGroups  OBJECT IDENTIFIER ::= { t11FcSpSaMIBConformance 2 }
        

t11FcSpSaMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that implement FC-SP Security Associations."

T11FCPSSAMIBCompliance MODULE-COMPLIANCE STATUS当前描述“实施FC-SP安全关联的实体的合规性声明。”

MODULE -- this module MANDATORY-GROUPS { t11FcSpSaCapabilityGroup, t11FcSpSaParamStatusGroup, t11FcSpSaSummaryCountGroup, t11FcSpSaProposalGroup, t11FcSpSaDropBypassGroup, t11FcSpSaActiveGroup, t11FcSpSaNotifInfoGroup, t11FcSpSaNotificationGroup }

模块--此模块为必填组{T11FCPSASCapabilityGroup,T11FCSSASParamStatusGroup,T11FCSSASSummary CountGroup,T11FCSSASPSAProposalGroup,T11FCSSASAPropsBypassGroup,T11FCSSASASASACTIVEGROUP,T11FCSSANotificationGroup}

-- The following is an auxiliary (listed in an INDEX clause)

--以下是一个辅助语句(列在索引子句中)

       -- object for which the SMIv2 does not allow an OBJECT clause
       -- to be specified, but for which this MIB has the following
       -- compliance requirement:
       --      OBJECT        t11FcSpSaIfIndex
       --      DESCRIPTION
       --          Compliance requires support for either one of:
       --          - individual interfaces using ifIndex values, or
       --          - the use of the zero value.
        
       -- object for which the SMIv2 does not allow an OBJECT clause
       -- to be specified, but for which this MIB has the following
       -- compliance requirement:
       --      OBJECT        t11FcSpSaIfIndex
       --      DESCRIPTION
       --          Compliance requires support for either one of:
       --          - individual interfaces using ifIndex values, or
       --          - the use of the zero value.
        

-- Write access is not required for any objects in this MIB module:

--此MIB模块中的任何对象都不需要写访问权限:

OBJECT t11FcSpSaIfStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSAIFStorageType MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELPROPStorageType最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTransStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSATransStorageType最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaIfReplayPrevention MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSAIFREPLAYPREvention最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaIfReplayWindowSize MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSAIFREPLAYWINDOWSIZE最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaIfTerminateAllSas MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSAIfterMinateAllSAS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaPropSecurityProt MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象t11FcSpSaPropSecurityProt最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaPropTSelListIndex MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSAPROPTSELISTINDEX最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaPropTransListIndex MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSAPROPTRANSTINDEX最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaPropAcceptAlgorithm

对象T11FCSP算法

MIN-ACCESS read-only DESCRIPTION "Write access is not required."

MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaPropRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSAPROPROWROWSTATUS MIN-ACCESS只读说明“不需要写访问权限。”

OBJECT t11FcSpSaTSelPropDirection MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELPROPPORDIATION MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropStartSrcAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSATSELPROPSTARTSRCADDR最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropEndSrcAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSATELPROPERPENDSRCADDR MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropStartDstAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSATSELPROPSTARTDSTADDR MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropEndDstAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELPROPERPENDSDSTADDR最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropStartRCtl MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSATELPROPSTARTRCTL最小访问只读说明“不需要写入访问。”

OBJECT t11FcSpSaTSelPropEndRCtl MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPSATELPROPERTYCTL最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropStartType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELPROPSTARTTYPE MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropEndType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELPROPENDTYPE最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelPropRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELPROPROBROWSTATUS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTransSecurityProt

对象T11FCPSSATransSecurityProt

MIN-ACCESS read-only DESCRIPTION "Write access is not required."

MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTransEncryptAlg MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSATransEncryptalg最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaTransEncryptKeyLen MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATransEncryptKeyLen最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTransIntegrityAlg MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATRANSINTEGRITYALG最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTransRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATRANSROWSTATUS最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaTSelDrByAction MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYACTION MIN-ACCESS只读描述“不需要写访问。”

OBJECT t11FcSpSaTSelDrByStartSrcAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSATSELDRBYSTARTSRCADDR MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByEndSrcAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYENDSRCADDR MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByStartDstAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYSTARTDSTADDR MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByEndDstAddr MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYENDDSTADD最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByStartRCtl MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYSTARTRCTL MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByEndRCtl MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYENDRCTL MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByStartType

对象T11FCSPSATELDRBYSTARTYPE

MIN-ACCESS read-only DESCRIPTION "Write access is not required."

MIN-ACCESS只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByEndType MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYENDTYPE最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaTSelDrByRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSSATELDRBYROWSTATUS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaPairTerminate MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCSPASPAIRTERMIN-ACCESS只读描述“不需要写访问。”

OBJECT t11FcSpSaControlAuthFailEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSASCONTROLAUTHFAILENABLE最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaControlWindow MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSAControlWindow最小访问只读描述“不需要写访问。”

OBJECT t11FcSpSaControlMaxNotifs MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSASCONTROLMAXNOTIFS最小访问只读说明“不需要写访问。”

OBJECT t11FcSpSaControlLifeExcdEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required."

对象T11FCPSASCONTROLLIFEEXCDENABLE最小访问只读说明“不需要写访问。”

    ::= { t11FcSpSaMIBCompliances 1 }
        
    ::= { t11FcSpSaMIBCompliances 1 }
        

-- Units of Conformance

--一致性单位

t11FcSpSaCapabilityGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaIfEspHeaderCapab,
               t11FcSpSaIfCTAuthCapab,
               t11FcSpSaIfIKEv2Capab,
               t11FcSpSaIfIkev2AuthCapab
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           related to capabilities of FC-SP entities."
    ::= { t11FcSpSaMIBGroups 1 }
        
t11FcSpSaCapabilityGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaIfEspHeaderCapab,
               t11FcSpSaIfCTAuthCapab,
               t11FcSpSaIfIKEv2Capab,
               t11FcSpSaIfIkev2AuthCapab
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           related to capabilities of FC-SP entities."
    ::= { t11FcSpSaMIBGroups 1 }
        

t11FcSpSaParamStatusGroup OBJECT-GROUP

T11FCSP参数状态组对象组

    OBJECTS  { t11FcSpSaIfStorageType,
               t11FcSpSaIfReplayPrevention,
               t11FcSpSaIfReplayWindowSize,
               t11FcSpSaIfDeadPeerDetections,
               t11FcSpSaIfTerminateAllSas
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing parameters
           and status information related to FC-SP entities."
    ::= { t11FcSpSaMIBGroups 2 }
        
    OBJECTS  { t11FcSpSaIfStorageType,
               t11FcSpSaIfReplayPrevention,
               t11FcSpSaIfReplayWindowSize,
               t11FcSpSaIfDeadPeerDetections,
               t11FcSpSaIfTerminateAllSas
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing parameters
           and status information related to FC-SP entities."
    ::= { t11FcSpSaMIBGroups 2 }
        
t11FcSpSaSummaryCountGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaIfOutDrops,
               t11FcSpSaIfOutBypasses,
               t11FcSpSaIfOutProcesses,
               t11FcSpSaIfOutUnMatcheds,
               t11FcSpSaIfInUnprotUnmtchDrops,
               t11FcSpSaIfInDetReplays,
               t11FcSpSaIfInUnprotMtchDrops,
               t11FcSpSaIfInBadXforms,
               t11FcSpSaIfInGoodXforms,
               t11FcSpSaIfInProtUnmtchs
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing summary
           counters for FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 3 }
        
t11FcSpSaSummaryCountGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaIfOutDrops,
               t11FcSpSaIfOutBypasses,
               t11FcSpSaIfOutProcesses,
               t11FcSpSaIfOutUnMatcheds,
               t11FcSpSaIfInUnprotUnmtchDrops,
               t11FcSpSaIfInDetReplays,
               t11FcSpSaIfInUnprotMtchDrops,
               t11FcSpSaIfInBadXforms,
               t11FcSpSaIfInGoodXforms,
               t11FcSpSaIfInProtUnmtchs
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing summary
           counters for FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 3 }
        

t11FcSpSaProposalGroup OBJECT-GROUP OBJECTS { t11FcSpSaPropSecurityProt, t11FcSpSaPropTSelListIndex, t11FcSpSaPropTransListIndex, t11FcSpSaPropAcceptAlgorithm, t11FcSpSaPropOutMatchSucceeds, t11FcSpSaPropRowStatus, t11FcSpSaTSelPropDirection, t11FcSpSaTSelPropStartSrcAddr, t11FcSpSaTSelPropEndSrcAddr, t11FcSpSaTSelPropStartDstAddr, t11FcSpSaTSelPropEndDstAddr, t11FcSpSaTSelPropStartRCtl, t11FcSpSaTSelPropEndRCtl, t11FcSpSaTSelPropStartType, t11FcSpSaTSelPropEndType, t11FcSpSaTSelPropStorageType, t11FcSpSaTSelPropRowStatus

T11FCPSaproposalGroup对象组对象{T11FCSPropSecurityProt,T11FCSPropTsellistindex,T11FCSPropTransistIndex,T11FCSPropAcceptalMethod,T11FCSPropOutMatchSuccesses,T11FCSProprowStatus,T11FCSPatSelPropStartSrcAddress,T11FCSPatSelPropStartDddr,T11FCSPatSelPropStartDddr,T11FCSPatSelPropStartTrCtl,t11FCPSTATSELPROPENDRCTL、T11FCPSTATSELPROPSTARTTYPE、T11FCPSTATSELPROPENDTYPE、T11FCSSTATSELPROPStorageType、T11FCSSTATSELPROPROPROPROBROWSTATUS

             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           related to making and accepting proposals for
           FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 4 }
        
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           related to making and accepting proposals for
           FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 4 }
        
t11FcSpSaDropBypassGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaTSelDrByAction,
               t11FcSpSaTSelDrByStartSrcAddr,
               t11FcSpSaTSelDrByEndSrcAddr,
               t11FcSpSaTSelDrByStartDstAddr,
               t11FcSpSaTSelDrByEndDstAddr,
               t11FcSpSaTSelDrByStartRCtl,
               t11FcSpSaTSelDrByEndRCtl,
               t11FcSpSaTSelDrByStartType,
               t11FcSpSaTSelDrByEndType,
               t11FcSpSaTSelDrByMatches,
               t11FcSpSaTSelDrByRowStatus
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           about Traffic Selectors of traffic to drop or bypass
           for FC-SP Security."
    ::= { t11FcSpSaMIBGroups 5 }
        
t11FcSpSaDropBypassGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaTSelDrByAction,
               t11FcSpSaTSelDrByStartSrcAddr,
               t11FcSpSaTSelDrByEndSrcAddr,
               t11FcSpSaTSelDrByStartDstAddr,
               t11FcSpSaTSelDrByEndDstAddr,
               t11FcSpSaTSelDrByStartRCtl,
               t11FcSpSaTSelDrByEndRCtl,
               t11FcSpSaTSelDrByStartType,
               t11FcSpSaTSelDrByEndType,
               t11FcSpSaTSelDrByMatches,
               t11FcSpSaTSelDrByRowStatus
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           about Traffic Selectors of traffic to drop or bypass
           for FC-SP Security."
    ::= { t11FcSpSaMIBGroups 5 }
        

t11FcSpSaActiveGroup OBJECT-GROUP OBJECTS { t11FcSpSaPairSecurityProt, t11FcSpSaPairTransListIndex, t11FcSpSaPairTransIndex, t11FcSpSaPairLifetimeLeft, t11FcSpSaPairLifetimeLeftUnits, t11FcSpSaPairTerminate, t11FcSpSaPairInProtUnMatchs, t11FcSpSaPairInDetReplays, t11FcSpSaPairInBadXforms, t11FcSpSaPairInGoodXforms, t11FcSpSaTransSecurityProt, t11FcSpSaTransEncryptAlg, t11FcSpSaTransEncryptKeyLen, t11FcSpSaTransIntegrityAlg, t11FcSpSaTransStorageType, t11FcSpSaTransRowStatus, t11FcSpSaTSelNegInInboundSpi, t11FcSpSaTSelNegInStartSrcAddr, t11FcSpSaTSelNegInEndSrcAddr,

T11FCPSA激活组对象-组对象{T11FCSPAIRSecurityProt、T11FCSPAIRSTransistIndex、T11FCSPAIRSTransistIndex、T11FCSPAIRSAIRLIFETIMELEFT、T11FCSPAIRLIFETIMELEFTUNITS、T11FCSPAIRSINTProtummchs、T11FCSPAIRSAPAIRLINADXForms、T11FCSPAIRSAIRLINGOODXForms、T11FCSPAIRSATTranssecurityProt、T11FCSPAIRSATEncryptalG、T11FCSPAIRSATTransferencryPptKeyLen、T11FCSPSATRANSINTEGRITYLG、T11FCSPSATRANSTORGE、t11FcSpSaTransRowStatus、T11FCSPSATELNEGININBOUNDSPI、T11FCSPSATELNEGININSCRCADDR、T11FCSPSATELNEGINENDSRCADDR、,

               t11FcSpSaTSelNegInStartDstAddr,
               t11FcSpSaTSelNegInEndDstAddr,
               t11FcSpSaTSelNegInStartRCtl,
               t11FcSpSaTSelNegInEndRCtl,
               t11FcSpSaTSelNegInStartType,
               t11FcSpSaTSelNegInEndType,
               t11FcSpSaTSelNegInUnpMtchDrops,
               t11FcSpSaTSelNegOutInboundSpi,
               t11FcSpSaTSelNegOutStartSrcAddr,
               t11FcSpSaTSelNegOutEndSrcAddr,
               t11FcSpSaTSelNegOutStartDstAddr,
               t11FcSpSaTSelNegOutEndDstAddr,
               t11FcSpSaTSelNegOutStartRCtl,
               t11FcSpSaTSelNegOutEndRCtl,
               t11FcSpSaTSelNegOutStartType,
               t11FcSpSaTSelNegOutEndType,
               t11FcSpSaTSelSpiDirection,
               t11FcSpSaTSelSpiTrafSelPtr
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information related
           to currently active FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 6 }
        
               t11FcSpSaTSelNegInStartDstAddr,
               t11FcSpSaTSelNegInEndDstAddr,
               t11FcSpSaTSelNegInStartRCtl,
               t11FcSpSaTSelNegInEndRCtl,
               t11FcSpSaTSelNegInStartType,
               t11FcSpSaTSelNegInEndType,
               t11FcSpSaTSelNegInUnpMtchDrops,
               t11FcSpSaTSelNegOutInboundSpi,
               t11FcSpSaTSelNegOutStartSrcAddr,
               t11FcSpSaTSelNegOutEndSrcAddr,
               t11FcSpSaTSelNegOutStartDstAddr,
               t11FcSpSaTSelNegOutEndDstAddr,
               t11FcSpSaTSelNegOutStartRCtl,
               t11FcSpSaTSelNegOutEndRCtl,
               t11FcSpSaTSelNegOutStartType,
               t11FcSpSaTSelNegOutEndType,
               t11FcSpSaTSelSpiDirection,
               t11FcSpSaTSelSpiTrafSelPtr
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information related
           to currently active FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 6 }
        
t11FcSpSaNotifInfoGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaControlAuthFailEnable,
               t11FcSpSaControlInboundSpi,
               t11FcSpSaControlSource,
               t11FcSpSaControlDestination,
               t11FcSpSaControlFrame,
               t11FcSpSaControlElapsed,
               t11FcSpSaControlSuppressed,
               t11FcSpSaControlWindow,
               t11FcSpSaControlMaxNotifs,
               t11FcSpSaControlLifeExcdEnable,
               t11FcSpSaControlLifeExcdSpi,
               t11FcSpSaControlLifeExcdDir,
               t11FcSpSaControlLifeExcdTime
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           related to notifications of events concerning
           FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 7 }
        
t11FcSpSaNotifInfoGroup OBJECT-GROUP
    OBJECTS  { t11FcSpSaControlAuthFailEnable,
               t11FcSpSaControlInboundSpi,
               t11FcSpSaControlSource,
               t11FcSpSaControlDestination,
               t11FcSpSaControlFrame,
               t11FcSpSaControlElapsed,
               t11FcSpSaControlSuppressed,
               t11FcSpSaControlWindow,
               t11FcSpSaControlMaxNotifs,
               t11FcSpSaControlLifeExcdEnable,
               t11FcSpSaControlLifeExcdSpi,
               t11FcSpSaControlLifeExcdDir,
               t11FcSpSaControlLifeExcdTime
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           related to notifications of events concerning
           FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 7 }
        
t11FcSpSaNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS  { t11FcSpSaNotifyAuthFailure,
                     t11FcSpSaNotifyLifeExceeded
                   }
    STATUS         current
    DESCRIPTION
           "A collection of notifications of events concerning
           FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 8 }
        
t11FcSpSaNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS  { t11FcSpSaNotifyAuthFailure,
                     t11FcSpSaNotifyLifeExceeded
                   }
    STATUS         current
    DESCRIPTION
           "A collection of notifications of events concerning
           FC-SP Security Associations."
    ::= { t11FcSpSaMIBGroups 8 }
        

END

终止

7. IANA Considerations
7. IANA考虑

IANA has made one MIB OID assignment, under the appropriate subtree, for each of the five MIB modules defined in this document.

IANA已在相应子树下为本文档中定义的五个MIB模块中的每一个分配了一个MIB OID。

8. Security Considerations
8. 安全考虑

In this section, the first sub-section explains why this document does not define MIB objects for particular items of (management) information. This is followed by one sub-section for each of the MIB modules defined in section 6, listing their individual Security Considerations. The section concludes with Security Considerations common to all of these MIB modules.

在本节中,第一小节解释了为什么本文档没有为(管理)信息的特定项定义MIB对象。接下来是第6节中定义的每个MIB模块的一个子节,列出了它们各自的安全注意事项。本节最后介绍了所有这些MIB模块共有的安全注意事项。

The key word "RECOMMENDED" contained in this section is to be interpreted as described in BCP 14 [RFC2119].

本节中包含的关键词“推荐”应按照BCP 14[RFC2119]中所述进行解释。

8.1. Information Not Defined in This Document
8.1. 本文档中未定义的信息

This document doesn't define any MIB objects for the secrets that need to be known/determined by FC-SP entities in order to use DH-CHAP to authenticate each other. Such secrets are "highly sensitive" and need to be "strong secrets" (e.g., randomly generated and/or from an external source, see section 5.4.8 of [FC-SP]) rather than just passwords. Thus, such secrets need to be managed by mechanisms other than the MIB modules defined here.

本文档没有为FC-SP实体需要知道/确定的秘密定义任何MIB对象,以便使用DH-CHAP相互验证。此类机密是“高度敏感”的,必须是“强机密”(例如,随机生成和/或来自外部来源,参见[FC-SP]第5.4.8节),而不仅仅是密码。因此,此类机密需要由此处定义的MIB模块以外的机制进行管理。

8.2. The T11-FC-SP-TC-MIB Module
8.2. T11-FC-SP-TC-MIB模块

This MIB module defines some data types and assigns some Object Identifiers, for use as the syntax and as values of MIB objects, respectively, but it itself defines no MIB objects. Thus, there is no direct read or write access via a management protocol, such as SNMP, to these definitions. Nevertheless, it does include the assignment of enumerations and OIDs to represent cryptographic algorithms/transforms, and it is appropriate for such assignments to

此MIB模块定义一些数据类型并分配一些对象标识符,分别用作MIB对象的语法和值,但它本身不定义MIB对象。因此,无法通过管理协议(如SNMP)直接读取或写入这些定义。然而,它确实包括枚举和OID的分配,以表示加密算法/转换,并且这种分配适合于

be augmented with new assignments as and when new algorithms/transforms are available.

当有新的算法/转换可用时,可以增加新的分配。

8.3. The T11-FC-SP-AUTHENTICATION-MIB Module
8.3. T11-FC-SP-AUTHENTICATION-MIB模块

There are several management objects defined in this MIB module with a MAX-ACCESS clause of read-write. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These objects and their sensitivity/vulnerability are:

此MIB模块中定义了多个管理对象,其中MAX-ACCESS子句为read-write。在某些网络环境中,此类对象可能被视为敏感或易受攻击。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。这些对象及其敏感性/脆弱性包括:

t11FcSpAuStorageType - could cause changes in the configuration to be retained or not retained over restarts, against the wishes of management.

t11FcSpAuStorageType-可能会导致在重新启动时保留或不保留配置中的更改,这违背了管理层的意愿。

t11FcSpAuSendRejNotifyEnable t11FcSpAuRcvRejNotifyEnable - could cause the suppression of SNMP notifications (e.g., of authentication failures or protocol failures), or the disruption of network operations due to the generation of unwanted notifications.

T11FCSPaurendrejnotifyEnable t11FcSpAuRcvRejNotifyEnable-可能导致SNMP通知(例如,身份验证失败或协议失败)被抑制,或者由于生成不需要的通知而导致网络操作中断。

t11FcSpAuDefaultLifetime t11FcSpAuDefaultLifetimeUnits - could cause the lifetimes of Security Associations to be extended longer than might be secure, or shortened to cause an increase in the overhead of using security.

T11FCSPaudeDefaultLifetime T11FCSPaudeDefaultLifetimeUnits-可能会导致安全关联的生存时间延长到可能安全的时间,或者缩短到导致使用安全性的开销增加。

t11FcSpAuRejectMaxRows - could cause a smaller audit trail of Authentication rejects, thereby hiding the tracks of an attacker, or a larger audit trail of Authentication rejects causing resources to be wasted.

t11FcSpAuRejectMaxRows—可能导致较小的身份验证拒绝审核跟踪,从而隐藏攻击者的跟踪,或者导致资源浪费的较大身份验证拒绝审核跟踪。

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:

在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,在通过SNMP通过网络发送这些对象时,控制甚至获取和/或通知对这些对象的访问,甚至可能加密这些对象的值,这一点非常重要。以下是表和对象及其敏感度/漏洞:

t11FcSpAuEntityTable - the capabilities of FC-SP Authentication entities in terms of what cryptographic algorithms they support, and various configuration parameters of FC-SP Authentication entities.

t11FcSpAuEntityTable—FC-SP身份验证实体在支持何种加密算法方面的能力,以及FC-SP身份验证实体的各种配置参数。

t11FcSpAuIfStatTable - the mapping of which FC-SP Authentication entities operate on which interfaces.

T11FCSAUIFSTATTABLE—哪些FC-SP身份验证实体在哪些接口上操作的映射。

t11FcSpAuRejectTable - an audit trail of authentication failures and other Authentication Protocol failures.

t11FcSpAuRejectTable—身份验证失败和其他身份验证协议失败的审核跟踪。

8.4. The T11-FC-SP-ZONING-MIB Module
8.4. T11-FC-SP-MIB模块

There are several management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These objects and their sensitivity/vulnerability are:

此MIB模块中定义了多个管理对象,其MAX-ACCESS子句为read-write和/或read create。在某些网络环境中,此类对象可能被视为敏感或易受攻击。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。这些对象及其敏感性/脆弱性包括:

t11FcSpZsServerEnabled - could cause FC-SP Zoning mode to be enabled or not enabled, against the wishes of management.

t11FcSpZsServerEnabled-可能会导致FC-SP分区模式被启用或未启用,这违背了管理层的意愿。

t11FcSpZoneSetHashStatus - could cause an FC-SP implementation to recalculate the values of the Active Zone Set Hash and the Zone Set Database Hash more frequently than is required by management.

t11FcSpZoneSetHashStatus-可能导致FC-SP实施重新计算活动区域集哈希值和区域集数据库哈希值的频率高于管理层的要求。

t11FcSpZsNotifyJoinSuccessEnable t11FcSpZsNotifyJoinFailureEnable - could cause the suppression of SNMP notifications that a Switch in one Fabric has successfully joined/failed to join with a Switch in another Fabric, or the disruption of network operations due to the generation of unwanted notifications.

T11FCSPSsNotifyJoinSuccessEnable T11FCSPSsNotifyJoinFailureEnable-可能会导致一个结构中的交换机已成功加入/未能加入另一个结构中的交换机的SNMP通知被抑制,或者由于生成不需要的通知而导致网络操作中断。

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the objects and their sensitivity/vulnerability:

在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,在通过SNMP通过网络发送这些对象时,控制甚至获取和/或通知对这些对象的访问,甚至可能加密这些对象的值,这一点非常重要。这些是对象及其敏感度/脆弱性:

t11FcSpZsServerCapabilityObject t11FcSpZsServerEnabled - the FC-SP Zoning capabilities and status of the FC-SP implementation.

T11FCSsServerCapabilityObject T11FCSsServerEnabled—FC-SP分区功能和FC-SP实施的状态。

t11FcSpZoneSetHashStatus t11FcSpActiveZoneSetHashType t11FcSpActiveZoneSetHash t11FcSpZoneSetDatabaseHashType t11FcSpZoneSetDatabaseHash - the current values of the Active Zone Set Hash and the Zone Set Database Hash.

T11FCSPONESETHASHSTATUS T11FCSPActiveZoneESETHASHTYPE T11FCSPONESETDATABASEHSTYPE T11FCSPONESETDATABASEHASH—活动分区集哈希和分区集数据库哈希的当前值。

8.5. The T11-FC-SP-POLICY-MIB Module
8.5. T11-FC-SP-POLICY-MIB模块

There are many management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. The objects and tables and their sensitivity/vulnerability are:

此MIB模块中定义了许多管理对象,其中MAX-ACCESS子句为read-write和/或read-create。在某些网络环境中,此类对象可能被视为敏感或易受攻击。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。对象和表及其敏感度/漏洞为:

t11FcSpPoNaSummaryTable t11FcSpPoNaSwListTable t11FcSpPoNaSwMembTable t11FcSpPoNaNoMembTable t11FcSpPoNaCtDescrTable t11FcSpPoNaSwConnTable t11FcSpPoNaIpMgmtTable - could change the currently inactive FC-SP Fabric Policies, so as to allow unauthorized connectivity of Switches and/or Nodes to the network, or between Switches in the network, or, to prohibit such connectivity even when authorized.

T11FCSPONASUMARYTABLE T11FCSPONASWListable T11FCSPONASWMEMBTABLE T11FCSPONANOMEMBTABLE T11FCSPONASWCONTABLE T11FCSPONASWCONTABLE T11FCSPONAIPMGMTTABLE-可以更改当前不活动的FC-SP结构策略,以便允许交换机和/或节点未经授权连接到网络,或在网络中的交换机之间,或,即使获得授权,也禁止此类连接。

t11FcSpPoNaIpMgmtTable t11FcSpPoNaWkpDescrTable - could change the currently inactive FC-SP Fabric Policies, so as to allow unauthorized management access to Switches, or prohibit authorized management access to Switches.

T11FCSPONAIPMGMTTable T11FCSPONAWKPdescrtable—可以更改当前处于非活动状态的FC-SP结构策略,以便允许对交换机进行未经授权的管理访问,或禁止对交换机进行授权的管理访问。

t11FcSpPoNaSummaryTable t11FcSpPoNaSwMembTable t11FcSpPoNaNoMembTable t11FcSpPoNaAttribTable t11FcSpPoNaAuthProtTable - could change the currently inactive FC-SP Fabric Policies, so as to allow Security Associations with reduced security or require Security Associations that are unnecessarily secure.

T11FCSPONASUMARYTABLE T11FCSPONASWMEMBTABLE T11FCSPONANOMEMBTABLE T11FCSPONAATTributeTABLE T11FCSPONAAuthprottable-可以更改当前处于非活动状态的FC-SP结构策略,以便允许安全性降低的安全关联或需要不必要的安全关联。

t11FcSpPoOperActivate t11FcSpPoOperDeActivate - could cause the currently active FC-SP Fabric Policies to be de-activated and currently inactive FC-SP Fabric Policies (e.g., those modified as above) to be activated instead.

T11FCSPOOPERACTIVE T11FCSPOOPERDEACTIVE-可能导致取消激活当前活动的FC-SP结构策略,而激活当前不活动的FC-SP结构策略(例如,如上所述修改的策略)。

t11FcSpPoStorageType - could cause changes in the configuration and/or in FC-SP Fabric Policies to be retained or not retained over restarts, against the wishes of management.

T11FCSPostorageType—可能会导致配置和/或FC-SP结构策略中的更改在重新启动时保留或不保留,这违背了管理层的意愿。

t11FcSpPoNotificationEnable - could cause the suppression of SNMP notifications on the successful/unsuccessful activation/deactivation of Fabric Policies, and thereby hide successful/failed attempts to make unauthorized changes, or cause the disruption of network operations due to the generation of unwanted notifications.

T11FCPonotificationEnable—可能导致在成功/不成功激活/停用结构策略时抑制SNMP通知,从而隐藏成功/失败的未经授权更改尝试,或者由于生成不需要的通知而导致网络操作中断。

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and their sensitivity/vulnerability:

在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,在通过SNMP通过网络发送这些对象时,控制甚至获取和/或通知对这些对象的访问,甚至可能加密这些对象的值,这一点非常重要。以下是表格及其敏感性/脆弱性:

t11FcSpPoTable t11FcSpPoSummaryTable t11FcSpPoSwMembTable t11FcSpPoNoMembTable t11FcSpPoCtDescrTable t11FcSpPoSwConnTable t11FcSpPoIpMgmtTable t11FcSpPoWkpDescrTable t11FcSpPoAttribTable t11FcSpPoAuthProtTable - the currently active FC-SP Fabric Policies that can be examined by an attacker looking for possible security vulnerabilities in the active policies.

T11FCSPOST11FCSPOSSummary表T11FCSPOSWMembtable T11FCSPOSPOOMEMMBTable T11FCSPOSPOCTD可移植T11FCSPOPOSWContable T11FCSPOPOPPOIPGMTTable T11FCSPOWKPdescrtable T11FCSPOPATTRIBTable T11FCSPOPAUTHPROTPTABLE—攻击者可以检查当前活动的FC-SP结构策略,以查找网络中可能存在的安全漏洞积极的政策。

8.6. The T11-FC-SP-SA-MIB Module
8.6. T11-FC-SP-SA-MIB模块

There are several management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These objects and their sensitivity/vulnerability are:

此MIB模块中定义了多个管理对象,其MAX-ACCESS子句为read-write和/或read create。在某些网络环境中,此类对象可能被视为敏感或易受攻击。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。这些对象及其敏感性/脆弱性包括:

t11FcSpSaIfStorageType t11FcSpSaTSelPropStorageType t11FcSpSaTransStorageType - could cause changes in configuration information related to FC-SP Security Associations to be retained or not retained over restarts, against the wishes of management.

T11FCPSAIFStorageType T11FCPSatselPropStorageType T11FCPSatTransStorageType-可能会导致与FC-SP安全关联相关的配置信息更改在重启时保留或不保留,这违背了管理层的意愿。

t11FcSpSaIfReplayPrevention t11FcSpSaIfReplayWindowSize - could cause changes in the operation of anti-replay protection, thereby permitting an attacker to conduct replay attacks, or requiring FC-SP implementations to engage in unnecessary protection against replay.

T11FCPSAIFREPLAYPREvention T11FCPSAIFREPLAYWINDOWSIZE-可能导致反重放保护操作发生变化,从而允许攻击者进行重放攻击,或要求FC-SP实施不必要的重放保护。

t11FcSpSaIfTerminateAllSas t11FcSpSaPairTerminate - could cause FC-SP Security Associations to be aborted unnecessarily.

T11FCPSASAIFTERMINATEALLSA T11FCSSAPAIRTERMINATE-可能导致FC-SP安全关联被不必要地中止。

t11FcSpSaControlAuthFailEnable - could cause the suppression of SNMP notifications on the occurrence of Authentication failures for received FC-2 or CT_IU frames, thereby hiding attempts to subvert security measures, or cause the disruption of network operations due to the generation of unwanted notifications.

T11FCPSASCONTROLAUTHFAILENABLE-可能导致在收到的FC-2或CT_IU帧发生身份验证失败时抑制SNMP通知,从而隐藏破坏安全措施的尝试,或由于生成不需要的通知而导致网络操作中断。

t11FcSpSaControlLifeExcdEnable - could cause the suppression of SNMP notifications on the occurrence of an FC-SP Security Association exceeding its lifetime, thereby possibly causing disruption to network usage due to a delay in determining the problem and/or re-establishing the Security Association.

T11FCPSASCONTROLLIFEEXCDENABLE-在FC-SP安全关联发生超过其生存期时,可能会导致SNMP通知被抑制,从而可能由于确定问题和/或重新建立安全关联的延迟而导致网络使用中断。

t11FcSpSaControlWindow - could cause the suppression of second and subsequent SNMP notifications on the occurrence of Authentication failures for received FC-2 or CT_IU frames, thereby masking repeated attempts to subvert security measures, or cause the disruption of network operations due to the generation of unwanted notifications.

T11FCPSASAControlWindow—在接收到的FC-2或CT_IU帧发生身份验证失败时,可能会导致第二次和后续SNMP通知被抑制,从而掩盖破坏安全措施的重复尝试,或者由于生成不需要的通知而导致网络操作中断。

t11FcSpSaControlMaxNotifs - could cause the suppression of all SNMP notifications on the occurrence of Authentication failures for received FC-2 or CT_IU frames, thereby masking attempts to subvert security measures, or cause the disruption of network operations due to the generation of unwanted notifications.

T11FCPSAControlMaxNotifs-在收到的FC-2或CT_IU帧发生身份验证失败时,可能会导致所有SNMP通知被抑制,从而掩盖破坏安全措施的尝试,或由于生成不需要的通知而导致网络操作中断。

t11FcSpSaPropTable t11FcSpSaTSelPropTable t11FcSpSaTransTable - could cause an FC-SP entity to propose the setup of Security Associations that apply to a different selection of traffic and/or using different security transforms, such that some traffic has a reduced level of security that might improve an attacker's chance of subverting security, or an increased level of security that would involve unnecessary security processing, or cause the negotiation of Security Associations to fail to find commonly acceptable parameters such that no Security Associations can be established.

T11FCSP建议表T11FCSP建议表T11FCSP建议表T11FCSP建议设置适用于不同流量选择和/或使用不同安全转换的安全关联,从而使某些流量的安全级别降低,从而提高攻击者破坏安全的机会,或者增加安全级别,这将涉及不必要的安全处理,或者导致安全关联的协商无法找到普遍可接受的参数,从而无法建立安全关联。

t11FcSpSaTSelDrByTable - could cause an FC-SP entity to select different sets of traffic which are: a) to be sent/received without being protected by FC-SP security, thereby providing an attacker with access to read authentic traffic or the ability to introduce unauthentic traffic; or b) to be dropped instead of being sent/after being received, thereby causing disruption to network usage.

T11FCPSSATELDRBYTABLE-可能导致FC-SP实体选择不同的流量集,即:a)在不受FC-SP安全保护的情况下发送/接收,从而使攻击者能够读取真实流量或引入不真实流量;或b)被丢弃而不是被发送/接收后,从而导致网络使用中断。

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:

在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,在通过SNMP通过网络发送这些对象时,控制甚至获取和/或通知对这些对象的访问,甚至可能加密这些对象的值,这一点非常重要。以下是表和对象及其敏感度/漏洞:

t11FcSpSaIfTable - information concerning the capabilities, parameters and status of an FC-SP entity's support for Security Associations.

T11FCPSAIFTABLE-有关FC-SP实体支持安全关联的能力、参数和状态的信息。

t11FcSpSaPropTable t11FcSpSaTSelPropTable t11FcSpSaTransTable - information on the proposals that will be used by an FC-SP entity to negotiate Security Associations.

T11FCSP提案表T11FCSP提案表T11FCSP提案表-FC-SP实体将用于协商安全关联的提案信息。

t11FcSpSaTSelDrByTable - information on which subsets of traffic an FC-SP entity will send or receive without being protected by FC-SP security, or will drop before sending/after receiving.

T11FCPSSATELDRBYTABLE—FC-SP实体将发送或接收哪些流量子集而不受FC-SP安全保护,或在发送前/接收后丢弃这些流量子集的信息。

t11FcSpSaPairTable t11FcSpSaTSelNegInTable t11FcSpSaTSelNegOutTable t11FcSpSaTSelSpiTable - information on which Security Associations are currently active, what subsets of traffic they are carrying, and what security protection is being given to them.

T11FCSSAPAIRTABLE T11FCSSATSELNEGGTABLE T11FCSSATSELNEGGOUTTABLE T11FCSSATSELSPITABLE-有关哪些安全关联当前处于活动状态、它们所承载的流量子集以及为其提供的安全保护的信息。

8.7. Recommendations Common to All MIB Modules
8.7. 所有MIB模块通用的建议

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

SNMPv3之前的SNMP版本未包含足够的安全性。即使网络本身是安全的(例如通过使用IPsec),即使如此,也无法控制安全网络上的谁可以访问和获取/设置(读取/更改/创建/删除)此MIB模块中的对象。

It is RECOMMENDED that implementors consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).

建议执行者考虑SNMPv3框架所提供的安全特性(参见[RCFC310],第8节),包括对SNMPv3加密机制的完全支持(用于身份验证和隐私)。

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

此外,不建议部署SNMPv3之前的SNMP版本。相反,建议部署SNMPv3并启用加密安全性。然后,客户/运营商应负责确保授予访问此MIB模块实例权限的SNMP实体已正确配置为仅授予那些拥有确实获取或设置(更改/创建/删除)对象的合法权限的主体(用户)访问对象。

Because the two algorithms currently specified for T11FcSpPolicyHashFormat are SHA-1 and SHA-256, the definition of T11FcSpHashCalculationStatus expresses a concern in regard to not

由于目前为T11FcSpPolicyHashFormat指定的两种算法是SHA-1和SHA-256,因此T11FcSpHashCalculationStatus的定义表示了一个与否相关的问题

incrementally recomputing the hashes after each change when a series of multiple related changes are being made. This method of reducing computation is intended as a responsiveness measure (i.e., cooperating SNMP managers and agents can get things done faster), not as a Denial-of-Service (DoS) countermeasure. Nevertheless, implementations should also consider the DoS possibilities in these scenarios; potential countermeasures include: requiring authentication for SETs and the rate-limiting of SET operations if they can cause significant computation.

当进行一系列多个相关更改时,在每次更改后递增地重新计算哈希。这种减少计算的方法旨在作为一种响应措施(即,协作的SNMP管理器和代理可以更快地完成任务),而不是作为拒绝服务(DoS)对策。然而,实现也应该考虑在这些场景中的DOS可能性;潜在的对策包括:要求对集合进行身份验证,如果集合操作可能导致大量计算,则要求对其进行速率限制。

9. Normative References
9. 规范性引用文件

[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

[RFC2578]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.和S.Waldbusser,“管理信息的结构版本2(SMIv2)”,STD 58,RFC 2578,1999年4月。

[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2579]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.和S.Waldbusser,“SMIv2的文本约定”,STD 58,RFC 2579,1999年4月。

[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

[RFC2580]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.和S.Waldbusser,“SMIv2的一致性声明”,STD 58,RFC 25801999年4月。

[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000.

[RFC2863]McCloghrie,K.和F.Kastenholz,“接口组MIB”,RFC 28632000年6月。

[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002.

[RFC3411]Harrington,D.,Presohn,R.,和B.Wijnen,“描述简单网络管理协议(SNMP)管理框架的体系结构”,STD 62,RFC 3411,2002年12月。

[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.

[RFC4001]Daniele,M.,Haberman,B.,Routhier,S.,和J.Schoenwaeld,“互联网网络地址的文本约定”,RFC 4001,2005年2月。

[RFC4044] McCloghrie, K., "Fibre Channel Management MIB", RFC 4044, May 2005.

[RFC4044]McCloghrie,K.,“光纤通道管理MIB”,RFC 4044,2005年5月。

[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, December 2005.

[RFC4303]Kent,S.,“IP封装安全有效载荷(ESP)”,RFC 4303,2005年12月。

[RFC4306] Kaufman, C., Ed., "Internet Key Exchange (IKEv2) Protocol", RFC 4306, December 2005.

[RFC4306]考夫曼,C.,编辑,“互联网密钥交换(IKEv2)协议”,RFC4306,2005年12月。

[RFC4438] DeSanti, C., Gaonkar, V., Vivek, H., McCloghrie, K., and S. Gai, "Fibre-Channel Name Server MIB", RFC 4438, April 2006.

[RFC4438]DeSanti,C.,Gaonkar,V.,Vivek,H.,McCloghrie,K.,和S.Gai,“光纤通道名称服务器MIB”,RFC 4438,2006年4月。

[RFC4439] DeSanti, C., Gaonkar, V., McCloghrie, K., and S. Gai, "Fibre Channel Fabric Address Manager MIB", RFC 4439, March 2006.

[RFC4439]DeSanti,C.,Gaonkar,V.,McCloghrie,K.,和S.Gai,“光纤通道结构地址管理器MIB”,RFC 4439,2006年3月。

[RFC4936] DeSanti, C., Vivek, H., McCloghrie, K., and S. Gai, "Fibre Channel Zone Server MIB", RFC 4936, August 2007.

[RFC4936]DeSanti,C.,Vivek,H.,McCloghrie,K.,和S.Gai,“光纤通道区域服务器MIB”,RFC 49362007年8月。

[FC-FS-2] "Fibre Channel - Framing and Signaling-2 (FC-FS-2)", ANSI INCITS 424-2007, February 2007.

[FC-FS-2]“光纤通道-成帧和信令-2(FC-FS-2)”,ANSI INCITS 424-2007,2007年2月。

[FC-GS-5] "Fibre Channel - Generic Services-5 (FC-GS-5)", ANSI INCITS 427-2006, December 2006.

[FC-GS-5]“光纤通道-通用服务-5(FC-GS-5)”,ANSI INCITS 427-2006,2006年12月。

[FC-SP] "Fibre Channel - Security Protocols (FC-SP)", ANSI INCITS 426-2007, T11/Project 1570-D, February 2007.

[FC-SP]“光纤通道-安全协议(FC-SP)”,ANSI INCITS 426-2007,T11/Project 1570-D,2007年2月。

[FC-SW-4] "Fibre Channel - Switch Fabric-4 (FC-SW-4)", ANSI INCITS 418-2006, April 2006.

[FC-SW-4]“光纤通道-交换机结构-4(FC-SW-4)”,ANSI INCITS 418-2006,2006年4月。

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

10. Informative References
10. 资料性引用

[RFC1492] Finseth, C., "An Access Control Protocol, Sometimes Called TACACS", RFC 1492, July 1993.

[RFC1492]Finseth,C.,“访问控制协议,有时称为TACACS”,RFC 1492,1993年7月。

[RFC2741] Daniele, M., Wijnen, B., Ellison, M., and D. Francisco, "Agent Extensibility (AgentX) Protocol Version 1", RFC 2741, January 2000.

[RFC2741]Daniele,M.,Wijnen,B.,Ellison,M.,和D.Francisco,“代理可扩展性(AgentX)协议版本1”,RFC 27412000年1月。

[RFC2837] Teow, K., "Definitions of Managed Objects for the Fabric Element in Fibre Channel Standard", RFC 2837, May 2000.

[RFC2837]Teow,K.,“光纤通道标准中结构元素的托管对象定义”,RFC 2837,2000年5月。

[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, "Remote Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000.

[RFC2865]Rigney,C.,Willens,S.,Rubens,A.,和W.Simpson,“远程认证拨入用户服务(RADIUS)”,RFC 28652000年6月。

[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.

[RFC3410]Case,J.,Mundy,R.,Partain,D.,和B.Stewart,“互联网标准管理框架的介绍和适用性声明”,RFC 34102002年12月。

[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.

[RFC3588]Calhoun,P.,Loughney,J.,Guttman,E.,Zorn,G.,和J.Arkko,“直径基础协议”,RFC 3588,2003年9月。

[RFC4595] Maino, F. and D. Black, "Use of IKEv2 in the Fibre Channel Security Association Management Protocol", RFC 4595, July 2006.

[RFC4595]Maino,F.和D.Black,“在光纤通道安全关联管理协议中使用IKEv2”,RFC 45952006年7月。

[RFC4625] DeSanti, C., McCloghrie, K., Kode, S., and S. Gai, "Fibre Channel Routing Information MIB", RFC 4625, September 2006.

[RFC4625]DeSanti,C.,McCloghrie,K.,Kode,S.,和S.Gai,“光纤通道路由信息MIB”,RFC 46252006年9月。

[RFC4626] DeSanti, C., Gaonkar, V., McCloghrie, K., and S. Gai, "MIB for Fibre Channel's Fabric Shortest Path First (FSPF) Protocol", RFC 4626, September 2006.

[RFC4626]DeSanti,C.,Gaonkar,V.,McCloghrie,K.,和S.Gai,“光纤通道结构最短路径优先(FSPF)协议的MIB”,RFC 46262006年9月。

[RFC4668] Nelson, D., "RADIUS Authentication Client MIB for IPv6", RFC 4668, August 2006.

[RFC4668]Nelson,D.,“IPv6的RADIUS身份验证客户端MIB”,RFC 4668,2006年8月。

[RFC4747] Kipp, S., Ramkumar, G., and K. McCloghrie, "The Virtual Fabrics MIB", RFC 4747, November 2006.

[RFC4747]Kipp,S.,Ramkumar,G.和K.McCloghrie,“虚拟结构MIB”,RFC 47472006年11月。

[RFC4935] DeSanti, C., Vivek, H., McCloghrie, K., and S. Gai, "Fibre Channel Fabric Configuration Server MIB", RFC 4935, August 2007.

[RFC4935]DeSanti,C.,Vivek,H.,McCloghrie,K.,和S.Gai,“光纤通道结构配置服务器MIB”,RFC 4935,2007年8月。

[RFC4983] DeSanti, C., Vivek, H., McCloghrie, K., and S. Gai, "Fibre Channel Registered State Change Notification (RSCN) MIB", RFC 4983, August 2007.

[RFC4983]DeSanti,C.,Vivek,H.,McCloghrie,K.,和S.Gai,“光纤通道注册状态更改通知(RSCN)MIB”,RFC 4983,2007年8月。

11. Acknowledgements
11. 致谢

This document was initially developed and approved by the INCITS Task Group T11.5 (http://www.t11.org) as the SM-FSM project. We wish to acknowledge the contributions and comments from the INCITS Technical Committee T11, including the following:

本文件最初由INCITS任务组T11.5制定和批准(http://www.t11.org)作为SM-FSM项目。我们希望感谢INCITS技术委员会T11的贡献和评论,包括以下内容:

T11 Chair: Robert Snively, Brocade T11 Vice Chair: Claudio DeSanti, Cisco Systems T11.5 Chair: Roger Cummings, Symantec T11.5 members: David Black, EMC Don Fraser, HP Larry Hofer, Brocade Scott Kipp, Brocade Ralph Weber, ENDL

T11主席:Robert Snifly,Brocade T11副主席:Claudio DeSanti,Cisco Systems T11.5主席:Roger Cummings,Symantec T11.5成员:David Black,EMC Don Fraser,HP Larry Hofer,Brocade Scott Kipp,Brocade Ralph Weber,ENDL

The document was subsequently a work item of the IMSS Working Group (of the IETF), chaired by David Black (EMC Corporation). Bert Wijnen (Alcatel-Lucent) deserves many thanks for his thorough review of all five MIB modules in this (large!) document. We also wish to acknowledge Dan Romascanu (Avaya), the IETF Area Director, for his comments and assistance.

该文件随后成为(IETF)IMSS工作组的工作项目,由David Black(EMC公司)担任主席。Bert Wijnen(Alcatel-Lucent)在这篇(大型!)文档中对所有五个MIB模块进行了透彻的审查,值得感谢。我们还要感谢IETF区域总监Dan Romascanu(Avaya)的评论和帮助。

Authors' Addresses

作者地址

Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408 853-9172 EMail: cds@cisco.com

Claudio DeSanti Cisco Systems,Inc.美国加利福尼亚州圣何塞西塔斯曼大道170号电话:+1 408 853-9172电子邮件:cds@cisco.com

Fabio Maino Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408 853-7530 EMail: fmaino@cisco.com

Fabio Maino Cisco Systems,Inc.美国加利福尼亚州圣何塞西塔斯曼大道170号电话:+1 408 853-7530电子邮件:fmaino@cisco.com

Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA USA 95134 Phone: +1 408-526-5260 EMail: kzm@cisco.com

Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞西塔斯曼大道170号95134电话:+1 408-526-5260电子邮件:kzm@cisco.com

Full Copyright Statement

完整版权声明

Copyright (C) The IETF Trust (2008).

版权所有(C)IETF信托基金(2008年)。

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件及其包含的信息以“原样”为基础提供,贡献者、他/她所代表或赞助的组织(如有)、互联网协会、IETF信托基金和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Intellectual Property

知识产权

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.