Network Working Group R. Woundy Request for Comments: 3083 Cisco Systems Category: Informational March 2001
Network Working Group R. Woundy Request for Comments: 3083 Cisco Systems Category: Informational March 2001
Baseline Privacy Interface Management Information Base for DOCSIS Compliant Cable Modems and Cable Modem Termination Systems
DOCSIS兼容电缆调制解调器和电缆调制解调器终端系统的基线隐私接口管理信息库
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2001). All Rights Reserved.
版权所有(C)互联网协会(2001年)。版权所有。
Abstract
摘要
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines a basic set of managed objects for SNMP-based (Simple Network Management Protocol) management of the Baseline Privacy Interface (BPI), which provides data privacy for DOCSIS 1.0 (Data-Over-Cable Service Interface Specifications) compliant Cable Modems and Cable Modem Termination Systems. This MIB is defined as an extension to the DOCSIS Radio Frequency Interface MIB, RFC 2670.
此备忘录定义了管理信息库(MIB)的一部分,用于Internet社区中的网络管理协议。特别是,它为基线隐私接口(BPI)的基于SNMP(简单网络管理协议)的管理定义了一组基本的托管对象,为符合DOCSIS 1.0(电缆服务接口规范数据)的电缆调制解调器和电缆调制解调器终端系统提供数据隐私。该MIB被定义为DOCSIS射频接口MIB RFC 2670的扩展。
This memo specifies a MIB module in a manner that is compliant to the SMIv2 (Structure of Management Information Version 2). The set of objects is consistent with the SNMP framework and existing SNMP standards.
本备忘录以符合SMIv2(管理信息结构版本2)的方式指定MIB模块。对象集与SNMP框架和现有SNMP标准一致。
CableLabs requires the implementation of this MIB in DOCSIS 1.0 cable modems that implement the Baseline Privacy Interface, as a prerequisite for DOCSIS 1.0 certification.
CableLabs要求在DOCSIS 1.0电缆调制解调器中实现此MIB,作为DOCSIS 1.0认证的先决条件,该调制解调器实现基线隐私接口。
Table of Contents
目录
1 The SNMP Management Framework ................................... 2 2 Glossary ........................................................ 3 2.1 Authorization key ............................................. 3 2.2 BPI ........................................................... 4 2.3 BPI+ .......................................................... 4 2.4 CATV .......................................................... 4 2.5 CM ............................................................ 4 2.6 CMTS .......................................................... 4 2.7 DOCSIS ........................................................ 4 2.8 Downstream .................................................... 4 2.9 Head-end ...................................................... 4 2.10 MAC Packet ................................................... 4 2.11 MCNS ......................................................... 5 2.12 RF ........................................................... 5 2.13 SID .......................................................... 5 2.14 TEK .......................................................... 5 2.15 Upstream ..................................................... 5 3 Overview ........................................................ 5 3.1 Structure of the MIB .......................................... 5 3.2 Management requirements ....................................... 6 3.3 Textual convention ............................................ 7 4 Definitions ..................................................... 8 5 Acknowledgments ................................................ 40 6 References ..................................................... 40 7 Security Considerations ........................................ 42 8 Intellectual Property .......................................... 43 9 Author's Address ............................................... 44 10 Full Copyright Statement ...................................... 45
1 The SNMP Management Framework ................................... 2 2 Glossary ........................................................ 3 2.1 Authorization key ............................................. 3 2.2 BPI ........................................................... 4 2.3 BPI+ .......................................................... 4 2.4 CATV .......................................................... 4 2.5 CM ............................................................ 4 2.6 CMTS .......................................................... 4 2.7 DOCSIS ........................................................ 4 2.8 Downstream .................................................... 4 2.9 Head-end ...................................................... 4 2.10 MAC Packet ................................................... 4 2.11 MCNS ......................................................... 5 2.12 RF ........................................................... 5 2.13 SID .......................................................... 5 2.14 TEK .......................................................... 5 2.15 Upstream ..................................................... 5 3 Overview ........................................................ 5 3.1 Structure of the MIB .......................................... 5 3.2 Management requirements ....................................... 6 3.3 Textual convention ............................................ 7 4 Definitions ..................................................... 8 5 Acknowledgments ................................................ 40 6 References ..................................................... 40 7 Security Considerations ........................................ 42 8 Intellectual Property .......................................... 43 9 Author's Address ............................................... 44 10 Full Copyright Statement ...................................... 45
The SNMP Management Framework presently consists of five major components:
SNMP管理框架目前由五个主要组件组成:
o An overall architecture, described in RFC 2571 [1].
o RFC 2571[1]中描述的总体架构。
o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The second version, called SMIv2, is described in STD 58, RFC 2578 [5], RFC 2579 [6] and RFC 2580 [7].
o 为管理目的描述和命名对象和事件的机制。这种管理信息结构(SMI)的第一个版本称为SMIv1,并在STD 16、RFC 1155[2]、STD 16、RFC 1212[3]和RFC 1215[4]中进行了描述。第二个版本称为SMIv2,在STD 58、RFC 2578[5]、RFC 2579[6]和RFC 2580[7]中进行了描述。
o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [8]. A second version of the SNMP
o 用于传输管理信息的消息协议。SNMP消息协议的第一个版本称为SNMPv1,在STD 15、RFC 1157[8]中进行了描述。SNMP的第二个版本
message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574 [12].
消息协议不是互联网标准跟踪协议,称为SNMPv2c,在RFC 1901[9]和RFC 1906[10]中进行了描述。消息协议的第三个版本称为SNMPv3,在RFC 1906[10]、RFC 2572[11]和RFC 2574[12]中进行了描述。
o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [8]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [13].
o 访问管理信息的协议操作。STD 15、RFC 1157[8]中描述了第一组协议操作和相关PDU格式。RFC 1905[13]中描述了第二组协议操作和相关PDU格式。
o A set of fundamental applications described in RFC 2573 [14] and the view-based access control mechanism described in RFC 2575 [15].
o RFC 2573[14]中描述的一组基本应用程序和RFC 2575[15]中描述的基于视图的访问控制机制。
A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [24].
有关当前SNMP管理框架的更详细介绍,请参见RFC 2570[24]。
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI.
托管对象通过虚拟信息存储(称为管理信息库或MIB)进行访问。MIB中的对象是使用SMI中定义的机制定义的。
This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB.
此备忘录指定了符合SMIv2的MIB模块。通过适当的翻译,可以生成符合SMIv1的MIB。生成的已翻译MIB必须在语义上等效,除非由于无法翻译而省略了对象或事件(使用计数器64)。在翻译过程中,SMIv2中的一些机器可读信息将转换为SMIv1中的文本描述。但是,这种机器可读信息的丢失不被认为会改变MIB的语义。
The terms in this document are derived either from normal cable system usage, or from the documents associated with the Data Over Cable Service Interface Specification process.
本文档中的术语来源于正常的有线电视系统使用,或与有线电视数据服务接口规范流程相关的文档。
A key used to derive a key encryption key (used to encrypt TEKs), and to derive message authentication keys. When the CMTS communicates the authorization key to the CM, it encrypts the authorization key using the RSA public key of the CM [22].
用于派生密钥加密密钥(用于加密TEK)和派生消息身份验证密钥的密钥。当CMTS将授权密钥传送给CM时,它使用CM的RSA公钥对授权密钥进行加密[22]。
A term referring to the DOCSIS specification [18] for enabling simple data privacy in the DOCSIS 1.0 system. Management of the BPI is the focus of this document.
指DOCSIS规范[18]的术语,用于在DOCSIS 1.0系统中实现简单的数据隐私。BPI的管理是本文件的重点。
A term referring to the DOCSIS specification [21] for enabling CM authentication and data privacy in the DOCSIS 1.1 system. Management of the BPI+ is not addressed in this document.
指DOCSIS规范[21]的术语,用于在DOCSIS 1.1系统中启用CM身份验证和数据隐私。本文件未涉及BPI+的管理。
Originally "Community Antenna Television", now used to refer to any cable or hybrid fiber and cable system used to deliver video signals to a community.
最初是“社区天线电视”,现在用来指用于向社区传送视频信号的任何有线或混合光纤和有线系统。
A CM acts as a "slave" station in a DOCSIS compliant cable data system.
CM充当DOCSIS兼容电缆数据系统中的“从”站。
A generic term covering a cable bridge or cable router in a head-end. A CMTS acts as the master station in a DOCSIS compliant cable data system. It is the only station that transmits downstream, and it controls the scheduling of upstream transmissions by its associated CMs.
涵盖前端电缆桥架或电缆路由器的通用术语。CMTS充当DOCSIS兼容电缆数据系统中的主站。它是唯一一个下行传输的站点,并且它通过其相关的CMs控制上行传输的调度。
"Data-Over-Cable Service Interface Specifications". A term referring to the ITU-T J.112 Annex B standard for cable modem systems [19].
“有线数据服务接口规范”。指电缆调制解调器系统的ITU-T J.112附录B标准[19]的术语。
The direction from the head-end towards the subscriber.
从前端到用户的方向。
The origination point in most cable systems of the subscriber video signals. Generally also the location of the CMTS equipment.
在大多数有线电视系统中,用户视频信号的起始点。通常还包括CMTS设备的位置。
A DOCSIS PDU.
DOCSIS PDU。
"Multimedia Cable Network System". Generally replaced in usage by DOCSIS.
“多媒体有线网络系统”。通常使用DOCSIS替代。
Radio Frequency.
无线电频率
Service ID. The SID identifies a particular upstream bandwidth allocation and class-of-service management for DOCSIS, and identifies a particular bidirectional security association for BPI.
服务ID。SID标识DOCSIS的特定上游带宽分配和服务管理类别,并标识BPI的特定双向安全关联。
Traffic Encryption Key, which is used for DES encryption of upstream and downstream traffic. When the CMTS communicates the TEK to the CM, it encrypts the TEK using the key encryption key derived from the authorization key.
流量加密密钥,用于对上游和下游流量进行DES加密。当CMTS将TEK与CM通信时,它使用从授权密钥派生的密钥加密密钥对TEK进行加密。
The direction from the subscriber towards the head-end.
从用户到前端的方向。
This MIB provides a set of objects required for the management of the Baseline Privacy Interface for DOCSIS compliant Cable Modems (CMs) and Cable Modem Termination Systems (CMTSs). This MIB specification is derived from the DOCSIS Baseline Privacy Interface specification [18], which is an extension to the DOCSIS Radio Frequency Interface specification [19].
该MIB为DOCSIS兼容电缆调制解调器(CMs)和电缆调制解调器终端系统(CMTSs)提供了基线隐私接口管理所需的一组对象。该MIB规范源自DOCSIS基线隐私接口规范[18],是DOCSIS射频接口规范的扩展[19]。
Please note that this MIB specification is not sufficient for the management of the DOCSIS Baseline Privacy Plus Interface specification [21]. The working group expects to issue a MIB for the management of BPI+ at a later time.
请注意,此MIB规范不足以管理DOCSIS基线隐私加接口规范[21]。工作组希望在以后发布一份管理BPI+的MIB。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [23].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[23]中所述进行解释。
This MIB consists of one group of CM-only objects (docsBpiCmGroup), and one group of CMTS-only objects (docsBpiCmtsGroup).
此MIB由一组仅限CM的对象(docsBpiCmGroup)和一组仅限CMTS的对象(docsBpiCmtsGroup)组成。
The CM-only objects are organized into two tables:
仅限CM的对象被组织到两个表中:
o The docsBpiCmBaseTable contains objects for managing basic Baseline Privacy parameters and counters, and for managing the Authorization finite state machine.
o docsBpiCmBaseTable包含用于管理基本基线隐私参数和计数器以及用于管理授权有限状态机的对象。
o The docsBpiCmTEKTable contains objects for managing the Traffic Encryption Key (TEK) finite state machine per SID.
o docsBpiCmTEKTable包含用于管理每个SID的流量加密密钥(TEK)有限状态机的对象。
The CMTS-only objects are organized into four sub-groups:
仅CMTS对象被组织为四个子组:
o The docsBpiCmtsBaseTable contains objects for managing basic Baseline Privacy parameters and counters.
o docsBpiCmtsBaseTable包含用于管理基本基线隐私参数和计数器的对象。
o The docsBpiCmtsAuthTable contains objects for managing the Authorization association information per cable modem.
o docsBpiCmtsAuthTable包含用于管理每个电缆调制解调器的授权关联信息的对象。
o The docsBpiCmtsTEKTable contains objects for managing the TEK association information per SID.
o DOCSBPICMTSTEK表包含用于管理每个SID的TEK关联信息的对象。
o The docsBpiMulticastControl consists of two tables. The docsBpiIpMulticastMapTable controls the mapping of downstream IP multicast data traffic to downstream multicast SID values. The docsBpiMulticastAuthTable controls which CMs are authorized to receive downstream traffic transmitted over particular multicast SIDs; a CM will receive TEKs corresponding to the multicast SIDs for which it is authorized. The combination of these two tables will limit the distribution of downstream IP multicast data traffic to authorized CMs.
o docsBpiMulticastControl由两个表组成。DOCSBPIPMULTICASTMAPTABLE控制下游IP多播数据流量到下游多播SID值的映射。docsBpiMulticastAuthTable控制授权哪些CMs接收通过特定多播SID传输的下游流量;CM将接收与其授权的多播SID对应的TEK。这两个表的组合将限制下游IP多播数据流量向授权CMs的分布。
The Baseline Privacy Interface specification is documented in [18], and is an extension to the Radio Frequency Interface specification documented in [19]. In addition to the explicit requirements in this specification, the CM and CMTS enabled for Baseline Privacy MUST support all applicable DOCSIS and IETF requirements and MIB objects. Specifications that identify relevant requirements and MIB objects include the IETF Radio Frequency MIB [16], the IETF Cable Device MIB [17], and the DOCSIS OSSI Specification [20].
基准隐私接口规范记录在[18]中,是对[19]中记录的射频接口规范的扩展。除了本规范中的明确要求外,为基线隐私启用的CM和CMT必须支持所有适用的DOCSIS和IETF要求以及MIB对象。确定相关需求和MIB对象的规范包括IETF射频MIB[16]、IETF电缆设备MIB[17]和DOCSIS OSI规范[20]。
The explicit management requirements of the Baseline Privacy Interface, which motivate the development of the MIB in this document, are detailed below:
基线隐私接口的明确管理要求,激励了本文件中MIB的开发,详情如下:
o The CM and CMTS MUST support viewing relevant RSA public keys, for future subscriber authentication applications.
o CM和CMT必须支持查看相关RSA公钥,以用于未来的用户身份验证应用程序。
o The Baseline Privacy management interface needs to support operator configuration of Authorization and TEK Finite State Machine (FSM) parameters, for performance tuning and security incident handling. The CMTS MUST support viewing (and configuring if possible) all FSM-related parameters, including baseline privacy status (enabled or disabled), key lifetimes, key grace times, and state timeout values. The CM MUST support viewing these parameters where possible.
o 基线隐私管理界面需要支持操作员配置授权和TEK有限状态机(FSM)参数,以便进行性能调整和安全事件处理。CMT必须支持查看(并在可能的情况下配置)所有FSM相关参数,包括基线隐私状态(启用或禁用)、密钥生存时间、密钥宽限时间和状态超时值。CM必须支持在可能的情况下查看这些参数。
o The management interface needs to support operator analysis and override of FSM behavior, for fault management, subscriber service de-provisioning, and security incident handling. The CM MUST support viewing the current FSM states. The CM and CMTS MUST support viewing message error codes and message error strings, and counters for invalid KEK and TEK events, for key expirations and renewals, and for duplicate messages. The CM and CMTS MUST support viewing current authorization key sequence numbers and key expiration times for failure diagnosis.
o 管理界面需要支持操作员分析和覆盖FSM行为,用于故障管理、用户服务取消配置和安全事件处理。CM必须支持查看当前FSM状态。CM和CMT必须支持查看消息错误代码和消息错误字符串,以及无效KEK和TEK事件、密钥过期和续订以及重复消息的计数器。CM和CMT必须支持查看当前授权密钥序列号和密钥过期时间以进行故障诊断。
o The management interface needs to support dynamic control of the distribution of IP multicast data traffic. This control includes forwarding IP multicast traffic to the correct multicast group (SID), and managing the membership lists of each multicast group (SID). The CMTS MUST support configuring and viewing all IP multicast forwarding state, and all multicast group memberships, within the MAC domains of the CMTS.
o 管理接口需要支持对IP多播数据流量分布的动态控制。此控制包括将IP多播通信转发到正确的多播组(SID),以及管理每个多播组(SID)的成员列表。CMT必须支持在CMT的MAC域内配置和查看所有IP多播转发状态以及所有多播组成员身份。
CableLabs has required the implementation of prior versions of this MIB in DOCSIS 1.0 cable modems that implement the Baseline Privacy Interface, as a prerequisite for DOCSIS 1.0 certification.
CableLabs要求在DOCSIS 1.0电缆调制解调器中实现此MIB的早期版本,该调制解调器实现基线隐私接口,作为DOCSIS 1.0认证的先决条件。
The Baseline Privacy Interface MIB contains eight MIB objects defined with the (now obsolete) DisplayString textual convention, and one MIB object defined with the (now undesirable) IpAddress textual convention.
基线隐私接口MIB包含八个使用(现在已过时)DisplayString文本约定定义的MIB对象,以及一个使用(现在不需要)IpAddress文本约定定义的MIB对象。
In the judgment of the working group, it is preferable to keep these less-than-desirable textual conventions, in order to maintain backward compatibility and interoperability with DOCSIS 1.0 cable modems that implemented previous versions of this MIB.
根据工作组的判断,最好保留这些不太理想的文本约定,以保持与实现本MIB先前版本的DOCSIS 1.0电缆调制解调器的向后兼容性和互操作性。
DOCS-BPI-MIB DEFINITIONS ::= BEGIN
DOCS-BPI-MIB DEFINITIONS ::= BEGIN
IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, IpAddress FROM SNMPv2-SMI DisplayString, MacAddress, RowStatus, TruthValue, DateAndTime FROM SNMPv2-TC OBJECT-GROUP, MODULE-COMPLIANCE FROM SNMPv2-CONF ifIndex FROM IF-MIB docsIfMib, docsIfCmServiceId, docsIfCmtsServiceId FROM DOCS-IF-MIB ;
从SNMPv2 SMI显示字符串中导入模块标识、对象类型、整数32、计数器32、IP地址,从SNMPv2 TC对象组中导入MacAddress、RowStatus、TruthValue、DateAndTime,从SNMPv2 CONF ifIndex从IF-MIB从IF-MIB从docsIfCmServiceId从docsIfCmtsServiceId从DOCS-IF-MIB导入模块合规性;
docsBpiMIB MODULE-IDENTITY LAST-UPDATED "200103130000Z" ORGANIZATION "IETF IPCDN Working Group" CONTACT-INFO "Rich Woundy Postal: Cisco Systems 250 Apollo Drive Chelmsford, MA 01824 U.S.A. Tel: +1 978 244 8000 E-mail: rwoundy@cisco.com
docsBpiMIB MODULE-IDENTITY上次更新的“200103130000Z”组织“IETF IPCDN工作组”联系方式“Rich Woundy Postal:Cisco Systems 250阿波罗大道切姆斯福德,马萨诸塞州01824美国电话:+1 978 244 8000电子邮件:rwoundy@cisco.com
IETF IPCDN Working Group General Discussion: ipcdn@ietf.org Subscribe: http://www.ietf.org/mailman/listinfo/ipcdn Archive: ftp://ftp.ietf.org/ietf-mail-archive/ipcdn Co-chairs: Richard Woundy, rwoundy@cisco.com Andrew Valentine, a.valentine@eu.hns.com" DESCRIPTION "This is the MIB Module for the DOCSIS Baseline Privacy Interface (BPI) at cable modems (CMs) and cable modem termination systems (CMTSs). CableLabs requires the implementation of this MIB in DOCSIS 1.0 cable modems that implement the Baseline Privacy Interface, as a prerequisite for DOCSIS 1.0 certification."
IETF IPCDN Working Group General Discussion: ipcdn@ietf.org Subscribe: http://www.ietf.org/mailman/listinfo/ipcdn Archive: ftp://ftp.ietf.org/ietf-mail-archive/ipcdn Co-chairs: Richard Woundy, rwoundy@cisco.com Andrew Valentine, a.valentine@eu.hns.com" DESCRIPTION "This is the MIB Module for the DOCSIS Baseline Privacy Interface (BPI) at cable modems (CMs) and cable modem termination systems (CMTSs). CableLabs requires the implementation of this MIB in DOCSIS 1.0 cable modems that implement the Baseline Privacy Interface, as a prerequisite for DOCSIS 1.0 certification."
REVISION "200103130000Z" DESCRIPTION "Version published as RFC 3083."
修订版“200103130000Z”说明“版本发布为RFC 3083。”
REVISION "200011031930Z" DESCRIPTION "Modified by Richard Woundy to fix problems identified by the MIB
由Richard Woundy修改的修订版“200011031930Z”说明,以修复MIB识别的问题
doctor. I marked docsBpiCmtsDefaultAuthGraceTime and docsBpiCmtsDefaultTEKGraceTime as obsolete objects, to prevent OID reassignment. Several object descriptions were also corrected."
医生我将docsbpicmtsfaultauthGraceTime和docsbpicmtsfaultTekGraceTime标记为过时对象,以防止OID重新分配。还更正了若干对象描述。”
REVISION "200002161930Z" DESCRIPTION "Initial version. CableLabs requires the implementation of this MIB in certified DOCSIS 1.0 cable modems implementing the Baseline Privacy Interface, per DOCSIS 1.0 engineering change notice oss-n-99027." ::= { docsIfMib 5 }
REVISION "200002161930Z" DESCRIPTION "Initial version. CableLabs requires the implementation of this MIB in certified DOCSIS 1.0 cable modems implementing the Baseline Privacy Interface, per DOCSIS 1.0 engineering change notice oss-n-99027." ::= { docsIfMib 5 }
docsBpiMIBObjects OBJECT IDENTIFIER ::= { docsBpiMIB 1 }
docsBpiMIBObjects OBJECT IDENTIFIER ::= { docsBpiMIB 1 }
-- Cable Modem Group
--电缆调制解调器组
docsBpiCmObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 1 }
docsBpiCmObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 1 }
-- -- The BPI base and authorization table for CMs, indexed by ifIndex --
----CMs的BPI基础和授权表,由ifIndex索引--
docsBpiCmBaseTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the basic and authorization-related Baseline Privacy attributes of each CM MAC interface." ::= { docsBpiCmObjects 1 }
docsBpiCmBaseTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the basic and authorization-related Baseline Privacy attributes of each CM MAC interface." ::= { docsBpiCmObjects 1 }
docsBpiCmBaseEntry OBJECT-TYPE SYNTAX DocsBpiCmBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one CM MAC interface. An entry in this table exists for each ifEntry with an ifType of docsCableMaclayer(127)." INDEX { ifIndex } ::= { docsBpiCmBaseTable 1 }
docsBpiCmBaseEntry OBJECT-TYPE SYNTAX DocsBpiCmBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one CM MAC interface. An entry in this table exists for each ifEntry with an ifType of docsCableMaclayer(127)." INDEX { ifIndex } ::= { docsBpiCmBaseTable 1 }
DocsBpiCmBaseEntry ::= SEQUENCE { docsBpiCmPrivacyEnable TruthValue, docsBpiCmPublicKey OCTET STRING, docsBpiCmAuthState INTEGER, docsBpiCmAuthKeySequenceNumber Integer32, docsBpiCmAuthExpires DateAndTime,
DocsBpiCmBaseEntry ::= SEQUENCE { docsBpiCmPrivacyEnable TruthValue, docsBpiCmPublicKey OCTET STRING, docsBpiCmAuthState INTEGER, docsBpiCmAuthKeySequenceNumber Integer32, docsBpiCmAuthExpires DateAndTime,
docsBpiCmAuthReset TruthValue, docsBpiCmAuthGraceTime Integer32, docsBpiCmTEKGraceTime Integer32, docsBpiCmAuthWaitTimeout Integer32, docsBpiCmReauthWaitTimeout Integer32, docsBpiCmOpWaitTimeout Integer32, docsBpiCmRekeyWaitTimeout Integer32, docsBpiCmAuthRejectWaitTimeout Integer32, docsBpiCmAuthRequests Counter32, docsBpiCmAuthReplies Counter32, docsBpiCmAuthRejects Counter32, docsBpiCmAuthInvalids Counter32, docsBpiCmAuthRejectErrorCode INTEGER, docsBpiCmAuthRejectErrorString DisplayString, docsBpiCmAuthInvalidErrorCode INTEGER, docsBpiCmAuthInvalidErrorString DisplayString }
docsBpiCmAuthReset真值、docsBpiCmAuthGraceTime整数32、docsBpiCmTEKGraceTime整数32、docsBpiCmAuthWaitTimeout整数32、DocsbpicmRauthWaitTimeout整数32、docsBpiCmRekeyWaitTimeout整数32、docsBpiCmAuthRejectWaitTimeout整数32、docsBpiCmAuthRequests计数器32、DocsbpicmauthResponses计数器32、,docsBpiCmAuthRejects计数器32,DocsbpicmauthValids计数器32,docsBpiCmAuthRejectErrorCode整数,docsBpiCmAuthRejectErrorString显示字符串,DocsbpicmauthValidErrorCode整数,DocsbpicmauthValidErrorString显示字符串}
docsBpiCmPrivacyEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object identifies whether this CM is provisioned to run Baseline Privacy. This is analogous to the presence (or absence) of the Baseline Privacy Configuration Setting option. The status of each individual SID with respect to Baseline Privacy is captured in the docsBpiCmTEKPrivacyEnable object." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1." ::= { docsBpiCmBaseEntry 1 }
docsBpiCmPrivacyEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object identifies whether this CM is provisioned to run Baseline Privacy. This is analogous to the presence (or absence) of the Baseline Privacy Configuration Setting option. The status of each individual SID with respect to Baseline Privacy is captured in the docsBpiCmTEKPrivacyEnable object." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1." ::= { docsBpiCmBaseEntry 1 }
docsBpiCmPublicKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE (74 | 106 | 140 | 270)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is a DER-encoded RSAPublicKey ASN.1 type string, as defined in the RSA Encryption Standard (PKCS #1) [22], corresponding to the public key of the CM. The 74, 106, 140, and 270 byte key encoding lengths correspond to 512 bit, 768 bit, 1024 bit, and 2048 public moduli respectively." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.2.4." ::= { docsBpiCmBaseEntry 2 }
docsBpiCmPublicKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE (74 | 106 | 140 | 270)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is a DER-encoded RSAPublicKey ASN.1 type string, as defined in the RSA Encryption Standard (PKCS #1) [22], corresponding to the public key of the CM. The 74, 106, 140, and 270 byte key encoding lengths correspond to 512 bit, 768 bit, 1024 bit, and 2048 public moduli respectively." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.2.4." ::= { docsBpiCmBaseEntry 2 }
docsBpiCmAuthState OBJECT-TYPE SYNTAX INTEGER {
docsBpiCmAuthState对象类型语法整数{
authWait(2), authorized(3), reauthWait(4), authRejectWait(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the state of the CM authorization FSM. The start state indicates that FSM is in its initial state." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.2.1." ::= { docsBpiCmBaseEntry 3 }
authWait(2), authorized(3), reauthWait(4), authRejectWait(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the state of the CM authorization FSM. The start state indicates that FSM is in its initial state." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.2.1." ::= { docsBpiCmBaseEntry 3 }
docsBpiCmAuthKeySequenceNumber OBJECT-TYPE SYNTAX Integer32 (0..15) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the authorization key sequence number for this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.10." ::= { docsBpiCmBaseEntry 4 }
docsBpiCmAuthKeySequenceNumber OBJECT-TYPE SYNTAX Integer32 (0..15) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the authorization key sequence number for this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.10." ::= { docsBpiCmBaseEntry 4 }
docsBpiCmAuthExpires OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time when the current authorization for this FSM expires. If the CM does not have an active authorization, then the value is of the expiration date and time of the last active authorization." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.9." ::= { docsBpiCmBaseEntry 5 }
docsBpiCmAuthExpires OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time when the current authorization for this FSM expires. If the CM does not have an active authorization, then the value is of the expiration date and time of the last active authorization." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.9." ::= { docsBpiCmBaseEntry 5 }
docsBpiCmAuthReset OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to TRUE generates a Reauthorize event in the authorization FSM. Reading this object always returns FALSE." REFERENCE
docsBpiCmAuthReset对象类型语法TruthValue MAX-ACCESS读写状态当前描述“将此对象设置为TRUE将在授权FSM中生成重新授权事件。读取此对象始终返回FALSE。”参考
"DOCSIS Baseline Privacy Interface Specification, Section 4.1.2.3.4." ::= { docsBpiCmBaseEntry 6 }
"DOCSIS Baseline Privacy Interface Specification, Section 4.1.2.3.4." ::= { docsBpiCmBaseEntry 6 }
docsBpiCmAuthGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for an authorization key. A CM is expected to start trying to get a new authorization key beginning AuthGraceTime seconds before the authorization key actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.3." ::= { docsBpiCmBaseEntry 7 }
docsBpiCmAuthGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for an authorization key. A CM is expected to start trying to get a new authorization key beginning AuthGraceTime seconds before the authorization key actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.3." ::= { docsBpiCmBaseEntry 7 }
docsBpiCmTEKGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for a TEK. A CM is expected to start trying to get a new TEK beginning TEKGraceTime seconds before the TEK actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.6." ::= { docsBpiCmBaseEntry 8 }
docsBpiCmTEKGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for a TEK. A CM is expected to start trying to get a new TEK beginning TEKGraceTime seconds before the TEK actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.6." ::= { docsBpiCmBaseEntry 8 }
docsBpiCmAuthWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..30) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Authorize Wait Timeout." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.1." ::= { docsBpiCmBaseEntry 9 }
docsBpiCmAuthWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..30) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Authorize Wait Timeout." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.1." ::= { docsBpiCmBaseEntry 9 }
docsBpiCmReauthWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..30) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Reauthorize Wait Timeout in seconds."
docsBpiCmReauthWaitTimeout对象类型语法整数32(1..30)单位“秒”最大访问只读状态当前描述“此对象的值是以秒为单位的重新授权等待超时。”
REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.2." ::= { docsBpiCmBaseEntry 10 }
REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.2." ::= { docsBpiCmBaseEntry 10 }
docsBpiCmOpWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..10) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Operational Wait Timeout in seconds." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.4." ::= { docsBpiCmBaseEntry 11 }
docsBpiCmOpWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..10) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Operational Wait Timeout in seconds." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.4." ::= { docsBpiCmBaseEntry 11 }
docsBpiCmRekeyWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..10) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Rekey Wait Timeout in seconds." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.5." ::= { docsBpiCmBaseEntry 12 }
docsBpiCmRekeyWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..10) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Rekey Wait Timeout in seconds." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.5." ::= { docsBpiCmBaseEntry 12 }
docsBpiCmAuthRejectWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..600) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Authorization Reject Wait Timeout in seconds." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.7." ::= { docsBpiCmBaseEntry 13 }
docsBpiCmAuthRejectWaitTimeout OBJECT-TYPE SYNTAX Integer32 (1..600) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Authorization Reject Wait Timeout in seconds." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.7." ::= { docsBpiCmBaseEntry 13 }
docsBpiCmAuthRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has transmitted an Authorization Request message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.1." ::= { docsBpiCmBaseEntry 14 }
docsBpiCmAuthRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has transmitted an Authorization Request message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.1." ::= { docsBpiCmBaseEntry 14 }
docsBpiCmAuthReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received an Authorization Reply message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2." ::= { docsBpiCmBaseEntry 15 }
docsBpiCmAuthReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received an Authorization Reply message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2." ::= { docsBpiCmBaseEntry 15 }
docsBpiCmAuthRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received an Authorization Reject message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.3." ::= { docsBpiCmBaseEntry 16 }
docsBpiCmAuthRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received an Authorization Reject message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.3." ::= { docsBpiCmBaseEntry 16 }
docsBpiCmAuthInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received an Authorization Invalid message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.7." ::= { docsBpiCmBaseEntry 17 }
docsBpiCmAuthInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received an Authorization Invalid message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.7." ::= { docsBpiCmBaseEntry 17 }
docsBpiCmAuthRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Reject message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Reject message has been received since reboot."
docsBpiCmAuthRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Reject message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Reject message has been received since reboot."
REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.16." ::= { docsBpiCmBaseEntry 18 }
REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.16." ::= { docsBpiCmBaseEntry 18 }
docsBpiCmAuthRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Authorization Reject message received by the CM. This is a zero length string if no Authorization Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.6." ::= { docsBpiCmBaseEntry 19 }
docsBpiCmAuthRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Authorization Reject message received by the CM. This is a zero length string if no Authorization Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.6." ::= { docsBpiCmBaseEntry 19 }
docsBpiCmAuthInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unsolicited(5), invalidKeySequence(6), keyRequestAuthenticationFailure(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Invalid message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.16." ::= { docsBpiCmBaseEntry 20 }
docsBpiCmAuthInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unsolicited(5), invalidKeySequence(6), keyRequestAuthenticationFailure(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Invalid message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.16." ::= { docsBpiCmBaseEntry 20 }
docsBpiCmAuthInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Authorization Invalid message received by the CM. This is a zero
docsBpiCmAuthInvalidErrorString对象类型语法DisplayString(大小(0..128))MAX-ACCESS只读状态当前描述“此对象的值是CM收到的最新授权无效消息中的显示字符串。这是零
length string if no Authorization Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.6." ::= { docsBpiCmBaseEntry 21 }
length string if no Authorization Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.6." ::= { docsBpiCmBaseEntry 21 }
-- -- The CM TEK Table, indexed by ifIndex and SID --
----CM TEK表,由ifIndex和SID索引--
docsBpiCmTEKTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmTEKEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the attributes of each CM Traffic Encryption Key (TEK) association. The CM maintains (no more than) one TEK association per SID per CM MAC interface." ::= { docsBpiCmObjects 2 }
docsBpiCmTEKTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmTEKEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the attributes of each CM Traffic Encryption Key (TEK) association. The CM maintains (no more than) one TEK association per SID per CM MAC interface." ::= { docsBpiCmObjects 2 }
docsBpiCmTEKEntry OBJECT-TYPE SYNTAX DocsBpiCmTEKEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing the TEK association attributes of one SID. The CM MUST create one entry per unicast SID, regardless of whether the SID was obtained from a Registration Response message, or from an Authorization Reply message." INDEX { ifIndex, docsIfCmServiceId } ::= { docsBpiCmTEKTable 1 }
docsBpiCmTEKEntry OBJECT-TYPE SYNTAX DocsBpiCmTEKEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing the TEK association attributes of one SID. The CM MUST create one entry per unicast SID, regardless of whether the SID was obtained from a Registration Response message, or from an Authorization Reply message." INDEX { ifIndex, docsIfCmServiceId } ::= { docsBpiCmTEKTable 1 }
DocsBpiCmTEKEntry ::= SEQUENCE { docsBpiCmTEKPrivacyEnable TruthValue, docsBpiCmTEKState INTEGER, docsBpiCmTEKExpiresOld DateAndTime, docsBpiCmTEKExpiresNew DateAndTime, docsBpiCmTEKKeyRequests Counter32, docsBpiCmTEKKeyReplies Counter32, docsBpiCmTEKKeyRejects Counter32, docsBpiCmTEKInvalids Counter32, docsBpiCmTEKAuthPends Counter32, docsBpiCmTEKKeyRejectErrorCode INTEGER, docsBpiCmTEKKeyRejectErrorString DisplayString, docsBpiCmTEKInvalidErrorCode INTEGER, docsBpiCmTEKInvalidErrorString DisplayString }
DocsBpiCmTEKEntry ::= SEQUENCE { docsBpiCmTEKPrivacyEnable TruthValue, docsBpiCmTEKState INTEGER, docsBpiCmTEKExpiresOld DateAndTime, docsBpiCmTEKExpiresNew DateAndTime, docsBpiCmTEKKeyRequests Counter32, docsBpiCmTEKKeyReplies Counter32, docsBpiCmTEKKeyRejects Counter32, docsBpiCmTEKInvalids Counter32, docsBpiCmTEKAuthPends Counter32, docsBpiCmTEKKeyRejectErrorCode INTEGER, docsBpiCmTEKKeyRejectErrorString DisplayString, docsBpiCmTEKInvalidErrorCode INTEGER, docsBpiCmTEKInvalidErrorString DisplayString }
docsBpiCmTEKPrivacyEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object identifies whether this SID is provisioned to run Baseline Privacy. This is analogous to enabling Baseline Privacy on a provisioned SID using the Class-of-Service Privacy Enable option. Baseline Privacy is not effectively enabled for any SID unless Baseline Privacy is enabled for the CM, which is managed via the docsBpiCmPrivacyEnable object." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.2." ::= { docsBpiCmTEKEntry 1 }
docsBpiCmTEKPrivacyEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object identifies whether this SID is provisioned to run Baseline Privacy. This is analogous to enabling Baseline Privacy on a provisioned SID using the Class-of-Service Privacy Enable option. Baseline Privacy is not effectively enabled for any SID unless Baseline Privacy is enabled for the CM, which is managed via the docsBpiCmPrivacyEnable object." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.2." ::= { docsBpiCmTEKEntry 1 }
docsBpiCmTEKState OBJECT-TYPE SYNTAX INTEGER { start(1), opWait(2), opReauthWait(3), operational(4), rekeyWait(5), rekeyReauthWait(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the state of the indicated TEK FSM. The start(1) state indicates that FSM is in its initial state." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.3.1." ::= { docsBpiCmTEKEntry 2 }
docsBpiCmTEKState OBJECT-TYPE SYNTAX INTEGER { start(1), opWait(2), opReauthWait(3), operational(4), rekeyWait(5), rekeyReauthWait(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the state of the indicated TEK FSM. The start(1) state indicates that FSM is in its initial state." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.3.1." ::= { docsBpiCmTEKEntry 2 }
docsBpiCmTEKExpiresOld OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the immediate predecessor of the most recent TEK for this FSM. If this FSM has only one TEK, then the value is the time of activation of this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmTEKEntry 3 }
docsBpiCmTEKExpiresOld OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the immediate predecessor of the most recent TEK for this FSM. If this FSM has only one TEK, then the value is the time of activation of this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmTEKEntry 3 }
docsBpiCmTEKExpiresNew OBJECT-TYPE
docsBpiCmTEKExpiresNew对象类型
SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the most recent TEK for this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmTEKEntry 4 }
SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the most recent TEK for this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmTEKEntry 4 }
docsBpiCmTEKKeyRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has transmitted a Key Request message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.4." ::= { docsBpiCmTEKEntry 5 }
docsBpiCmTEKKeyRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has transmitted a Key Request message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.4." ::= { docsBpiCmTEKEntry 5 }
docsBpiCmTEKKeyReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received a Key Reply message, including a message whose authentication failed." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.5." ::= { docsBpiCmTEKEntry 6 }
docsBpiCmTEKKeyReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received a Key Reply message, including a message whose authentication failed." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.5." ::= { docsBpiCmTEKEntry 6 }
docsBpiCmTEKKeyRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received a Key Reject message, including a message whose authentication failed." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.6." ::= { docsBpiCmTEKEntry 7 }
docsBpiCmTEKKeyRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CM has received a Key Reject message, including a message whose authentication failed." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.6." ::= { docsBpiCmTEKEntry 7 }
docsBpiCmTEKInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current
DOCSBPICMTEKVALIDS对象类型语法计数器32 MAX-ACCESS只读状态当前
DESCRIPTION "The value of this object is the count of times the CM has received a TEK Invalid message, including a message whose authentication failed." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.8." ::= { docsBpiCmTEKEntry 8 }
DESCRIPTION "The value of this object is the count of times the CM has received a TEK Invalid message, including a message whose authentication failed." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.8." ::= { docsBpiCmTEKEntry 8 }
docsBpiCmTEKAuthPends OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times an Authorization Pending (Auth Pend) event occurred in this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.3.3.3." ::= { docsBpiCmTEKEntry 9 }
docsBpiCmTEKAuthPends OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times an Authorization Pending (Auth Pend) event occurred in this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.3.3.3." ::= { docsBpiCmTEKEntry 9 }
docsBpiCmTEKKeyRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Key Reject message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.6 and 4.2.2.16." ::= { docsBpiCmTEKEntry 10 }
docsBpiCmTEKKeyRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Key Reject message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.6 and 4.2.2.16." ::= { docsBpiCmTEKEntry 10 }
docsBpiCmTEKKeyRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Key Reject message received by the CM. This is a zero length string if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.6 and 4.2.2.6." ::= { docsBpiCmTEKEntry 11 }
docsBpiCmTEKKeyRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Key Reject message received by the CM. This is a zero length string if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.6 and 4.2.2.6." ::= { docsBpiCmTEKEntry 11 }
docsBpiCmTEKInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), invalidKeySequence(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent TEK Invalid message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no TEK Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.8 and 4.2.2.16." ::= { docsBpiCmTEKEntry 12 }
docsBpiCmTEKInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), invalidKeySequence(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent TEK Invalid message received by the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no TEK Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.8 and 4.2.2.16." ::= { docsBpiCmTEKEntry 12 }
docsBpiCmTEKInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent TEK Invalid message received by the CM. This is a zero length string if no TEK Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.8 and 4.2.2.6." ::= { docsBpiCmTEKEntry 13 }
docsBpiCmTEKInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent TEK Invalid message received by the CM. This is a zero length string if no TEK Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.8 and 4.2.2.6." ::= { docsBpiCmTEKEntry 13 }
-- Cable Modem Termination System Group
--电缆调制解调器终端系统组
docsBpiCmtsObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 2 }
docsBpiCmtsObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 2 }
-- -- The BPI base table for CMTSs, indexed by ifIndex --
----CMTSs的BPI基表,由ifIndex索引--
docsBpiCmtsBaseTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmtsBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the basic Baseline Privacy attributes of each CMTS MAC interface." ::= { docsBpiCmtsObjects 1 }
docsBpiCmtsBaseTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmtsBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the basic Baseline Privacy attributes of each CMTS MAC interface." ::= { docsBpiCmtsObjects 1 }
docsBpiCmtsBaseEntry OBJECT-TYPE SYNTAX DocsBpiCmtsBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one CMTS MAC interface. An entry in this table exists for each ifEntry with an ifType of docsCableMaclayer(127)." INDEX { ifIndex } ::= { docsBpiCmtsBaseTable 1 }
docsBpiCmtsBaseEntry OBJECT-TYPE SYNTAX DocsBpiCmtsBaseEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one CMTS MAC interface. An entry in this table exists for each ifEntry with an ifType of docsCableMaclayer(127)." INDEX { ifIndex } ::= { docsBpiCmtsBaseTable 1 }
DocsBpiCmtsBaseEntry ::= SEQUENCE { docsBpiCmtsDefaultAuthLifetime Integer32, docsBpiCmtsDefaultTEKLifetime Integer32, docsBpiCmtsDefaultAuthGraceTime Integer32, docsBpiCmtsDefaultTEKGraceTime Integer32, docsBpiCmtsAuthRequests Counter32, docsBpiCmtsAuthReplies Counter32, docsBpiCmtsAuthRejects Counter32, docsBpiCmtsAuthInvalids Counter32 }
DocsBpiCmtsBaseEntry ::= SEQUENCE { docsBpiCmtsDefaultAuthLifetime Integer32, docsBpiCmtsDefaultTEKLifetime Integer32, docsBpiCmtsDefaultAuthGraceTime Integer32, docsBpiCmtsDefaultTEKGraceTime Integer32, docsBpiCmtsAuthRequests Counter32, docsBpiCmtsAuthReplies Counter32, docsBpiCmtsAuthRejects Counter32, docsBpiCmtsAuthInvalids Counter32 }
docsBpiCmtsDefaultAuthLifetime OBJECT-TYPE SYNTAX Integer32 (1..6048000) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the default lifetime, in seconds, the CMTS assigns to a new authorization key." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.2." ::= { docsBpiCmtsBaseEntry 1 }
docsBpiCmtsDefaultAuthLifetime OBJECT-TYPE SYNTAX Integer32 (1..6048000) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the default lifetime, in seconds, the CMTS assigns to a new authorization key." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.2." ::= { docsBpiCmtsBaseEntry 1 }
docsBpiCmtsDefaultTEKLifetime OBJECT-TYPE SYNTAX Integer32 (1..604800) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the default lifetime, in seconds, the CMTS assigns to a new Traffic Encryption Key (TEK)." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.2." ::= { docsBpiCmtsBaseEntry 2 }
docsBpiCmtsDefaultTEKLifetime OBJECT-TYPE SYNTAX Integer32 (1..604800) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the default lifetime, in seconds, the CMTS assigns to a new Traffic Encryption Key (TEK)." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.2." ::= { docsBpiCmtsBaseEntry 2 }
-- Note: the following two objects have been obsoleted from this MIB.
--注意:以下两个对象已从此MIB中淘汰。
docsBpiCmtsDefaultAuthGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-write STATUS obsolete DESCRIPTION "This object was obsoleted because the provisioning system, not the CMTS, manages the authorization key grace time for DOCSIS CMs." ::= { docsBpiCmtsBaseEntry 3 }
docsBpiCmtsDefaultAuthGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-write STATUS obsolete DESCRIPTION "This object was obsoleted because the provisioning system, not the CMTS, manages the authorization key grace time for DOCSIS CMs." ::= { docsBpiCmtsBaseEntry 3 }
docsBpiCmtsDefaultTEKGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-write STATUS obsolete DESCRIPTION "This object was obsoleted because the provisioning system, not the CMTS, manages the Traffic Encryption Key (TEK) grace time for DOCSIS CMs." ::= { docsBpiCmtsBaseEntry 4 }
docsBpiCmtsDefaultTEKGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-write STATUS obsolete DESCRIPTION "This object was obsoleted because the provisioning system, not the CMTS, manages the Traffic Encryption Key (TEK) grace time for DOCSIS CMs." ::= { docsBpiCmtsBaseEntry 4 }
docsBpiCmtsAuthRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has received an Authorization Request message from any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.1." ::= { docsBpiCmtsBaseEntry 5 }
docsBpiCmtsAuthRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has received an Authorization Request message from any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.1." ::= { docsBpiCmtsBaseEntry 5 }
docsBpiCmtsAuthReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Reply message to any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2." ::= { docsBpiCmtsBaseEntry 6 }
docsBpiCmtsAuthReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Reply message to any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2." ::= { docsBpiCmtsBaseEntry 6 }
docsBpiCmtsAuthRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has
DocsbpicmtsauthutsRejects对象类型语法计数器32 MAX-ACCESS只读状态当前描述“此对象的值是CMT已使用的次数
transmitted an Authorization Reject message to any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.3." ::= { docsBpiCmtsBaseEntry 7 }
transmitted an Authorization Reject message to any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.3." ::= { docsBpiCmtsBaseEntry 7 }
docsBpiCmtsAuthInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Invalid message to any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.7." ::= { docsBpiCmtsBaseEntry 8 }
docsBpiCmtsAuthInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Invalid message to any CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.7." ::= { docsBpiCmtsBaseEntry 8 }
-- -- The CMTS Authorization Table, indexed by ifIndex and CM MAC address --
----CMTS授权表,由ifIndex和CM MAC地址索引--
docsBpiCmtsAuthTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmtsAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the attributes of each CM authorization association. The CMTS maintains one authorization association with each Baseline Privacy-enabled CM on each CMTS MAC interface." ::= { docsBpiCmtsObjects 2 }
docsBpiCmtsAuthTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmtsAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the attributes of each CM authorization association. The CMTS maintains one authorization association with each Baseline Privacy-enabled CM on each CMTS MAC interface." ::= { docsBpiCmtsObjects 2 }
docsBpiCmtsAuthEntry OBJECT-TYPE SYNTAX DocsBpiCmtsAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one authorization association. The CMTS MUST create one entry per CM per MAC interface, based on the receipt of an Authorization Request message, and MUST not delete the entry before the CM authorization permanently expires." INDEX { ifIndex, docsBpiCmtsAuthCmMacAddress } ::= { docsBpiCmtsAuthTable 1 }
docsBpiCmtsAuthEntry OBJECT-TYPE SYNTAX DocsBpiCmtsAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one authorization association. The CMTS MUST create one entry per CM per MAC interface, based on the receipt of an Authorization Request message, and MUST not delete the entry before the CM authorization permanently expires." INDEX { ifIndex, docsBpiCmtsAuthCmMacAddress } ::= { docsBpiCmtsAuthTable 1 }
DocsBpiCmtsAuthEntry ::= SEQUENCE { docsBpiCmtsAuthCmMacAddress MacAddress, docsBpiCmtsAuthCmPublicKey OCTET STRING, docsBpiCmtsAuthCmKeySequenceNumber Integer32, docsBpiCmtsAuthCmExpires DateAndTime,
DocsBpiCmtsAuthEntry ::= SEQUENCE { docsBpiCmtsAuthCmMacAddress MacAddress, docsBpiCmtsAuthCmPublicKey OCTET STRING, docsBpiCmtsAuthCmKeySequenceNumber Integer32, docsBpiCmtsAuthCmExpires DateAndTime,
docsBpiCmtsAuthCmLifetime Integer32, docsBpiCmtsAuthCmGraceTime Integer32, docsBpiCmtsAuthCmReset INTEGER, docsBpiCmtsAuthCmRequests Counter32, docsBpiCmtsAuthCmReplies Counter32, docsBpiCmtsAuthCmRejects Counter32, docsBpiCmtsAuthCmInvalids Counter32, docsBpiCmtsAuthRejectErrorCode INTEGER, docsBpiCmtsAuthRejectErrorString DisplayString, docsBpiCmtsAuthInvalidErrorCode INTEGER, docsBpiCmtsAuthInvalidErrorString DisplayString }
docsBpiCmtsAuthCmLifetime整数32、docsBpiCmtsAuthCmGraceTime整数32、docsBpiCmtsAuthCmReset整数、docsBpiCmtsAuthCmRequests计数器32、docsBpiCmtsAuthCmReplies计数器32、docsBpiCmtsAuthCmRejects计数器32、docsBpiCmtsAuthCmInvalids计数器32、docsBpiCmtsAuthRejectErrorCode整数、DocsBpicmtsAuthErrorRejectString显示字符串、,DOCSBPICMTSUTHINVALIDERRORCODE整数,DOCSBPICMTSUTHINVALIDERRORSTRING DisplayString}
docsBpiCmtsAuthCmMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of this object is the physical address of the CM to which the authorization association applies." ::= { docsBpiCmtsAuthEntry 1 }
docsBpiCmtsAuthCmMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of this object is the physical address of the CM to which the authorization association applies." ::= { docsBpiCmtsAuthEntry 1 }
docsBpiCmtsAuthCmPublicKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0 | 74 | 106 | 140 | 270)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is a DER-encoded RSAPublicKey ASN.1 type string, as defined in the RSA Encryption Standard (PKCS #1) [22], corresponding to the public key of the CM. The 74, 106, 140, and 270 byte key encoding lengths correspond to 512 bit, 768 bit, 1024 bit, and 2048 public moduli respectively. This is a zero-length string if the CMTS does not retain the public key." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.2.4." ::= { docsBpiCmtsAuthEntry 2 }
docsBpiCmtsAuthCmPublicKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0 | 74 | 106 | 140 | 270)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is a DER-encoded RSAPublicKey ASN.1 type string, as defined in the RSA Encryption Standard (PKCS #1) [22], corresponding to the public key of the CM. The 74, 106, 140, and 270 byte key encoding lengths correspond to 512 bit, 768 bit, 1024 bit, and 2048 public moduli respectively. This is a zero-length string if the CMTS does not retain the public key." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.2.4." ::= { docsBpiCmtsAuthEntry 2 }
docsBpiCmtsAuthCmKeySequenceNumber OBJECT-TYPE SYNTAX Integer32 (0..15) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the authorization key sequence number for this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.10."
DOCSBPICMTSUTHCMKEYSENCENUMBER对象类型语法整数32(0..15)MAX-ACCESS只读状态当前描述“此对象的值是此CM的授权密钥序列号。”参考“DOCSIS基线隐私接口规范,第4.2.1.2节和第4.2.2.10节。”
::= { docsBpiCmtsAuthEntry 3 }
::= { docsBpiCmtsAuthEntry 3 }
docsBpiCmtsAuthCmExpires OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time when the current authorization for this CM expires. If this CM does not have an active authorization, then the value is of the expiration date and time of the last active authorization." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.9." ::= { docsBpiCmtsAuthEntry 4 }
docsBpiCmtsAuthCmExpires OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time when the current authorization for this CM expires. If this CM does not have an active authorization, then the value is of the expiration date and time of the last active authorization." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2 and 4.2.2.9." ::= { docsBpiCmtsAuthEntry 4 }
docsBpiCmtsAuthCmLifetime OBJECT-TYPE SYNTAX Integer32 (1..6048000) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the lifetime, in seconds, the CMTS assigns to an authorization key for this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2 and Appendix A.2." ::= { docsBpiCmtsAuthEntry 5 }
docsBpiCmtsAuthCmLifetime OBJECT-TYPE SYNTAX Integer32 (1..6048000) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the lifetime, in seconds, the CMTS assigns to an authorization key for this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2 and Appendix A.2." ::= { docsBpiCmtsAuthEntry 5 }
docsBpiCmtsAuthCmGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for the authorization key in seconds. The CM is expected to start trying to get a new authorization key beginning AuthGraceTime seconds before the authorization key actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.3." ::= { docsBpiCmtsAuthEntry 6 }
docsBpiCmtsAuthCmGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for the authorization key in seconds. The CM is expected to start trying to get a new authorization key beginning AuthGraceTime seconds before the authorization key actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.3." ::= { docsBpiCmtsAuthEntry 6 }
docsBpiCmtsAuthCmReset OBJECT-TYPE SYNTAX INTEGER { noResetRequested(1), invalidateAuth(2), sendAuthInvalid(3),
DOCSBPICMTSUTHCMRESET对象类型语法整数{noResetRequested(1),invalidateAuth(2),sendAuthInvalid(3),
invalidateTeks(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to invalidateAuth(2) causes the CMTS to invalidate the current CM authorization key, but not to transmit an Authorization Invalid message nor to invalidate unicast TEKs. Setting this object to sendAuthInvalid(3) causes the CMTS to invalidate the current CM authorization key, and to transmit an Authorization Invalid message to the CM, but not to invalidate unicast TEKs. Setting this object to invalidateTeks(4) causes the CMTS to invalidate the current CM authorization key, to transmit an Authorization Invalid message to the CM, and to invalidate all unicast TEKs associated with this CM authorization. Reading this object returns the most-recently-set value of this object, or returns noResetRequested(1) if the object has not been set since the last CMTS reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.3.4, 4.1.2.3.5, and 4.1.3.3.5." ::= { docsBpiCmtsAuthEntry 7 }
invalidateTeks(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to invalidateAuth(2) causes the CMTS to invalidate the current CM authorization key, but not to transmit an Authorization Invalid message nor to invalidate unicast TEKs. Setting this object to sendAuthInvalid(3) causes the CMTS to invalidate the current CM authorization key, and to transmit an Authorization Invalid message to the CM, but not to invalidate unicast TEKs. Setting this object to invalidateTeks(4) causes the CMTS to invalidate the current CM authorization key, to transmit an Authorization Invalid message to the CM, and to invalidate all unicast TEKs associated with this CM authorization. Reading this object returns the most-recently-set value of this object, or returns noResetRequested(1) if the object has not been set since the last CMTS reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.1.2.3.4, 4.1.2.3.5, and 4.1.3.3.5." ::= { docsBpiCmtsAuthEntry 7 }
docsBpiCmtsAuthCmRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has received an Authorization Request message from this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.1." ::= { docsBpiCmtsAuthEntry 8 }
docsBpiCmtsAuthCmRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has received an Authorization Request message from this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.1." ::= { docsBpiCmtsAuthEntry 8 }
docsBpiCmtsAuthCmReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Reply message to this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2." ::= { docsBpiCmtsAuthEntry 9 }
docsBpiCmtsAuthCmReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Reply message to this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.2." ::= { docsBpiCmtsAuthEntry 9 }
docsBpiCmtsAuthCmRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current
docsBpiCmtsAuthCmRejects对象类型语法计数器32 MAX-ACCESS只读状态当前
DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Reject message to this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.3." ::= { docsBpiCmtsAuthEntry 10 }
DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Reject message to this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.3." ::= { docsBpiCmtsAuthEntry 10 }
docsBpiCmtsAuthCmInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Invalid message to this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.7." ::= { docsBpiCmtsAuthEntry 11 }
docsBpiCmtsAuthCmInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted an Authorization Invalid message to this CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.7." ::= { docsBpiCmtsAuthEntry 11 }
docsBpiCmtsAuthRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Reject message transmitted to the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Reject message has been transmitted to the CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.16." ::= { docsBpiCmtsAuthEntry 12 }
docsBpiCmtsAuthRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Reject message transmitted to the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Reject message has been transmitted to the CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.16." ::= { docsBpiCmtsAuthEntry 12 }
docsBpiCmtsAuthRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Authorization Reject message transmitted to the CM. This is a zero length string if no Authorization Reject message has been transmitted to the CM." REFERENCE
docsBpiCmtsAuthRejectErrorString对象类型语法DisplayString(大小(0..128))MAX-ACCESS只读状态当前描述“此对象的值是传输到CM的最新授权拒绝消息中的显示字符串。如果未向CM传输授权拒绝消息,则此字符串为零长度。”参考
"DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.6." ::= { docsBpiCmtsAuthEntry 13 }
"DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.3 and 4.2.2.6." ::= { docsBpiCmtsAuthEntry 13 }
docsBpiCmtsAuthInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unsolicited(5), invalidKeySequence(6), keyRequestAuthenticationFailure(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Invalid message transmitted to the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Invalid message has been transmitted to the CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.16." ::= { docsBpiCmtsAuthEntry 14 }
docsBpiCmtsAuthInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedCm(3), unsolicited(5), invalidKeySequence(6), keyRequestAuthenticationFailure(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in most recent Authorization Invalid message transmitted to the CM. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Authorization Invalid message has been transmitted to the CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.16." ::= { docsBpiCmtsAuthEntry 14 }
docsBpiCmtsAuthInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Authorization Invalid message transmitted to the CM. This is a zero length string if no Authorization Invalid message has been transmitted to the CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.6." ::= { docsBpiCmtsAuthEntry 15 }
docsBpiCmtsAuthInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in most recent Authorization Invalid message transmitted to the CM. This is a zero length string if no Authorization Invalid message has been transmitted to the CM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.7 and 4.2.2.6." ::= { docsBpiCmtsAuthEntry 15 }
-- -- The CMTS TEK Table, indexed by ifIndex and SID --
----CMTS TEK表,由ifIndex和SID索引--
docsBpiCmtsTEKTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiCmtsTEKEntry MAX-ACCESS not-accessible STATUS current
DocsBpiCmtsTEKEntry MAX-ACCESS的docsBpiCmtsTEKTable对象类型语法序列不可访问状态当前
DESCRIPTION "This table describes the attributes of each CM Traffic Encryption Key (TEK) association. The CMTS maintains one TEK association per BPI SID on each CMTS MAC interface." ::= { docsBpiCmtsObjects 3 }
DESCRIPTION "This table describes the attributes of each CM Traffic Encryption Key (TEK) association. The CMTS maintains one TEK association per BPI SID on each CMTS MAC interface." ::= { docsBpiCmtsObjects 3 }
docsBpiCmtsTEKEntry OBJECT-TYPE SYNTAX DocsBpiCmtsTEKEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one TEK association on a particular CMTS MAC interface. The CMTS MUST create one entry per SID per MAC interface, based on the receipt of an Key Request message, and MUST not delete the entry before the CM authorization for the SID permanently expires." INDEX { ifIndex, docsIfCmtsServiceId } ::= { docsBpiCmtsTEKTable 1 }
docsBpiCmtsTEKEntry OBJECT-TYPE SYNTAX DocsBpiCmtsTEKEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing attributes of one TEK association on a particular CMTS MAC interface. The CMTS MUST create one entry per SID per MAC interface, based on the receipt of an Key Request message, and MUST not delete the entry before the CM authorization for the SID permanently expires." INDEX { ifIndex, docsIfCmtsServiceId } ::= { docsBpiCmtsTEKTable 1 }
DocsBpiCmtsTEKEntry ::= SEQUENCE { docsBpiCmtsTEKLifetime Integer32, docsBpiCmtsTEKGraceTime Integer32, docsBpiCmtsTEKExpiresOld DateAndTime, docsBpiCmtsTEKExpiresNew DateAndTime, docsBpiCmtsTEKReset TruthValue, docsBpiCmtsKeyRequests Counter32, docsBpiCmtsKeyReplies Counter32, docsBpiCmtsKeyRejects Counter32, docsBpiCmtsTEKInvalids Counter32, docsBpiCmtsKeyRejectErrorCode INTEGER, docsBpiCmtsKeyRejectErrorString DisplayString, docsBpiCmtsTEKInvalidErrorCode INTEGER, docsBpiCmtsTEKInvalidErrorString DisplayString }
DocsBpiCmtsTEKEntry ::= SEQUENCE { docsBpiCmtsTEKLifetime Integer32, docsBpiCmtsTEKGraceTime Integer32, docsBpiCmtsTEKExpiresOld DateAndTime, docsBpiCmtsTEKExpiresNew DateAndTime, docsBpiCmtsTEKReset TruthValue, docsBpiCmtsKeyRequests Counter32, docsBpiCmtsKeyReplies Counter32, docsBpiCmtsKeyRejects Counter32, docsBpiCmtsTEKInvalids Counter32, docsBpiCmtsKeyRejectErrorCode INTEGER, docsBpiCmtsKeyRejectErrorString DisplayString, docsBpiCmtsTEKInvalidErrorCode INTEGER, docsBpiCmtsTEKInvalidErrorString DisplayString }
docsBpiCmtsTEKLifetime OBJECT-TYPE SYNTAX Integer32 (1..604800) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the lifetime, in seconds, the CMTS assigns to keys for this TEK association." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.5 and Appendix A.2." ::= { docsBpiCmtsTEKEntry 1 }
docsBpiCmtsTEKLifetime OBJECT-TYPE SYNTAX Integer32 (1..604800) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The value of this object is the lifetime, in seconds, the CMTS assigns to keys for this TEK association." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.5 and Appendix A.2." ::= { docsBpiCmtsTEKEntry 1 }
docsBpiCmtsTEKGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for the TEK in seconds. The CM is expected to start trying to get a new TEK beginning TEKGraceTime seconds before the TEK actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.6." ::= { docsBpiCmtsTEKEntry 2 }
docsBpiCmtsTEKGraceTime OBJECT-TYPE SYNTAX Integer32 (1..1800) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the grace time for the TEK in seconds. The CM is expected to start trying to get a new TEK beginning TEKGraceTime seconds before the TEK actually expires." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.6." ::= { docsBpiCmtsTEKEntry 2 }
docsBpiCmtsTEKExpiresOld OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the immediate predecessor of the most recent TEK for this FSM. If this FSM has only one TEK, then the value is the time of activation of this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmtsTEKEntry 3 }
docsBpiCmtsTEKExpiresOld OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the immediate predecessor of the most recent TEK for this FSM. If this FSM has only one TEK, then the value is the time of activation of this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmtsTEKEntry 3 }
docsBpiCmtsTEKExpiresNew OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the most recent TEK for this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmtsTEKEntry 4 }
docsBpiCmtsTEKExpiresNew OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the actual clock time for expiration of the most recent TEK for this FSM." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.5 and 4.2.2.9." ::= { docsBpiCmtsTEKEntry 4 }
docsBpiCmtsTEKReset OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to TRUE causes the CMTS to invalidate the current active TEK(s) (plural due to key transition periods), and to generate a new TEK for the associated SID; the CMTS MAY also generate an unsolicited TEK Invalid message, to optimize the TEK synchronization
docsBpiCmtsTEKReset对象类型语法TruthValue MAX-ACCESS读写状态当前描述“将此对象设置为TRUE会导致CMT使当前活动TEK无效(由于密钥过渡期,复数),并为相关SID生成新的TEK;CMT还可以生成未经请求的TEK无效消息,以优化TEK同步
between the CMTS and the CM. Reading this object always returns FALSE." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.3.3.5." ::= { docsBpiCmtsTEKEntry 5 }
between the CMTS and the CM. Reading this object always returns FALSE." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.1.3.3.5." ::= { docsBpiCmtsTEKEntry 5 }
docsBpiCmtsKeyRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has received a Key Request message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.4." ::= { docsBpiCmtsTEKEntry 6 }
docsBpiCmtsKeyRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has received a Key Request message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.4." ::= { docsBpiCmtsTEKEntry 6 }
docsBpiCmtsKeyReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted a Key Reply message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.5." ::= { docsBpiCmtsTEKEntry 7 }
docsBpiCmtsKeyReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted a Key Reply message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.5." ::= { docsBpiCmtsTEKEntry 7 }
docsBpiCmtsKeyRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted a Key Reject message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.6." ::= { docsBpiCmtsTEKEntry 8 }
docsBpiCmtsKeyRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted a Key Reject message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.6." ::= { docsBpiCmtsTEKEntry 8 }
docsBpiCmtsTEKInvalids OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the count of times the CMTS has transmitted a TEK Invalid message." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Section 4.2.1.8."
DOCSBPICMTSTKEInvalids对象类型语法计数器32 MAX-ACCESS只读状态当前描述“此对象的值是CMTS传输TEK无效消息的次数。”参考“DOCSIS基线隐私接口规范,第4.2.1.8节。”
::= { docsBpiCmtsTEKEntry 9 }
::= { docsBpiCmtsTEKEntry 9 }
docsBpiCmtsKeyRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in the most recent Key Reject message sent in response to a Key Request for this BPI SID. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.6 and 4.2.2.16." ::= { docsBpiCmtsTEKEntry 10 }
docsBpiCmtsKeyRejectErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), unauthorizedSid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in the most recent Key Reject message sent in response to a Key Request for this BPI SID. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.6 and 4.2.2.16." ::= { docsBpiCmtsTEKEntry 10 }
docsBpiCmtsKeyRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in the most recent Key Reject message sent in response to a Key Request for this BPI SID. This is a zero length string if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.6 and 4.2.2.6." ::= { docsBpiCmtsTEKEntry 11 }
docsBpiCmtsKeyRejectErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in the most recent Key Reject message sent in response to a Key Request for this BPI SID. This is a zero length string if no Key Reject message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.6 and 4.2.2.6." ::= { docsBpiCmtsTEKEntry 11 }
docsBpiCmtsTEKInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), invalidKeySequence(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in the most recent TEK Invalid message sent in association with this BPI SID. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no TEK Invalid message has been received
docsBpiCmtsTEKInvalidErrorCode OBJECT-TYPE SYNTAX INTEGER { none(1), unknown(2), invalidKeySequence(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the enumerated description of the Error-Code in the most recent TEK Invalid message sent in association with this BPI SID. This has value unknown(2) if the last Error-Code value was 0, and none(1) if no TEK Invalid message has been received
since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.8 and 4.2.2.16." ::= { docsBpiCmtsTEKEntry 12 }
since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.8 and 4.2.2.16." ::= { docsBpiCmtsTEKEntry 12 }
docsBpiCmtsTEKInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in the most recent TEK Invalid message sent in association with this BPI SID. This is a zero length string if no TEK Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.8 and 4.2.2.6." ::= { docsBpiCmtsTEKEntry 13 }
docsBpiCmtsTEKInvalidErrorString OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object is the Display-String in the most recent TEK Invalid message sent in association with this BPI SID. This is a zero length string if no TEK Invalid message has been received since reboot." REFERENCE "DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.8 and 4.2.2.6." ::= { docsBpiCmtsTEKEntry 13 }
-- -- The CMTS Multicast Control Group --
----CMTS多播控制组--
docsBpiMulticastControl OBJECT IDENTIFIER ::= { docsBpiCmtsObjects 4 }
docsBpiMulticastControl OBJECT IDENTIFIER ::= { docsBpiCmtsObjects 4 }
-- -- The CMTS IP Multicast Mapping Table, indexed by IP multicast -- address and prefix, and by ifindex --
-- -- The CMTS IP Multicast Mapping Table, indexed by IP multicast -- address and prefix, and by ifindex --
docsBpiIpMulticastMapTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiIpMulticastMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the mapping of IP multicast address prefixes to multicast SIDs on each CMTS MAC interface." ::= { docsBpiMulticastControl 1 }
docsBpiIpMulticastMapTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiIpMulticastMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the mapping of IP multicast address prefixes to multicast SIDs on each CMTS MAC interface." ::= { docsBpiMulticastControl 1 }
docsBpiIpMulticastMapEntry OBJECT-TYPE SYNTAX DocsBpiIpMulticastMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing the mapping of one IP multicast address prefix to one multicast SID on one CMTS MAC interface. The CMTS uses the mapping when forwarding downstream IP multicast traffic."
docsbpiipmulticastmappentry对象类型语法docsbpiipmulticastmappentry MAX-ACCESS不可访问状态当前描述“每个条目包含描述一个IP多播地址前缀到一个CMTS MAC接口上的一个多播SID映射的对象。CMTS在转发下游IP多播流量时使用该映射。”
INDEX { ifIndex, docsBpiIpMulticastAddress, docsBpiIpMulticastPrefixLength } ::= { docsBpiIpMulticastMapTable 1 }
INDEX { ifIndex, docsBpiIpMulticastAddress, docsBpiIpMulticastPrefixLength } ::= { docsBpiIpMulticastMapTable 1 }
DocsBpiIpMulticastMapEntry ::= SEQUENCE { docsBpiIpMulticastAddress IpAddress, docsBpiIpMulticastPrefixLength Integer32, docsBpiIpMulticastServiceId Integer32, docsBpiIpMulticastMapControl RowStatus }
DocsBpiIpMulticastMapEntry ::= SEQUENCE { docsBpiIpMulticastAddress IpAddress, docsBpiIpMulticastPrefixLength Integer32, docsBpiIpMulticastServiceId Integer32, docsBpiIpMulticastMapControl RowStatus }
docsBpiIpMulticastAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object represents the IP multicast address (prefix) to be mapped by this row, in conjunction with docsBpiIpMulticastPrefixLength." ::= { docsBpiIpMulticastMapEntry 1 }
docsBpiIpMulticastAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object represents the IP multicast address (prefix) to be mapped by this row, in conjunction with docsBpiIpMulticastPrefixLength." ::= { docsBpiIpMulticastMapEntry 1 }
docsBpiIpMulticastPrefixLength OBJECT-TYPE SYNTAX Integer32 (0..32) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object represents the IP multicast address prefix length for this row. The value of this object represents the length in bits of docsBpiIpMulticastAddress for multicast address comparisons, using big-endian ordering. An IP multicast address matches this row if the (docsBpiIpMulticastPrefixLength) most significant bits of the IP multicast address and of the (docsBpiIpMulticastAddress) are identical. This object is similar in usage to an IP address mask. The value 0 corresponds to IP address mask 0.0.0.0, the value 1 corresponds to IP address mask 128.0.0.0, the value 8 corresponds to IP address mask 255.0.0.0, and the value 32 corresponds to IP address mask 255.255.255.255." ::= { docsBpiIpMulticastMapEntry 2 }
docsBpiIpMulticastPrefixLength OBJECT-TYPE SYNTAX Integer32 (0..32) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object represents the IP multicast address prefix length for this row. The value of this object represents the length in bits of docsBpiIpMulticastAddress for multicast address comparisons, using big-endian ordering. An IP multicast address matches this row if the (docsBpiIpMulticastPrefixLength) most significant bits of the IP multicast address and of the (docsBpiIpMulticastAddress) are identical. This object is similar in usage to an IP address mask. The value 0 corresponds to IP address mask 0.0.0.0, the value 1 corresponds to IP address mask 128.0.0.0, the value 8 corresponds to IP address mask 255.0.0.0, and the value 32 corresponds to IP address mask 255.255.255.255." ::= { docsBpiIpMulticastMapEntry 2 }
docsBpiIpMulticastServiceId OBJECT-TYPE SYNTAX Integer32 (8192..16368) MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the multicast SID to be used in this IP multicast address prefix mapping entry." -- DEFVAL is an unused multicast SID value chosen by CMTS.
docsBpiIpMulticastServiceId对象类型语法Integer32(8192..16368)MAX-ACCESS read create STATUS current DESCRIPTION“此对象表示要在此IP多播地址前缀映射项中使用的多播SID。”--deffal是CMTS选择的未使用的多播SID值。
::= { docsBpiIpMulticastMapEntry 3 }
::= { docsBpiIpMulticastMapEntry 3 }
docsBpiIpMulticastMapControl OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object controls and reflects the IP multicast address prefix mapping entry. There is no restriction on the ability to change values in this row while the row is active." ::= { docsBpiIpMulticastMapEntry 4 }
docsBpiIpMulticastMapControl OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object controls and reflects the IP multicast address prefix mapping entry. There is no restriction on the ability to change values in this row while the row is active." ::= { docsBpiIpMulticastMapEntry 4 }
-- -- The CMTS Multicast SID Authorization Table, indexed by ifIndex by -- multicast SID by CM MAC address --
-- -- The CMTS Multicast SID Authorization Table, indexed by ifIndex by -- multicast SID by CM MAC address --
docsBpiMulticastAuthTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiMulticastAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the multicast SID authorization for each CM on each CMTS MAC interface." ::= { docsBpiMulticastControl 2 }
docsBpiMulticastAuthTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsBpiMulticastAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table describes the multicast SID authorization for each CM on each CMTS MAC interface." ::= { docsBpiMulticastControl 2 }
docsBpiMulticastAuthEntry OBJECT-TYPE SYNTAX DocsBpiMulticastAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing the key authorization of one cable modem for one multicast SID for one CMTS MAC interface." INDEX { ifIndex, docsBpiMulticastServiceId, docsBpiMulticastCmMacAddress } ::= { docsBpiMulticastAuthTable 1 }
docsBpiMulticastAuthEntry OBJECT-TYPE SYNTAX DocsBpiMulticastAuthEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains objects describing the key authorization of one cable modem for one multicast SID for one CMTS MAC interface." INDEX { ifIndex, docsBpiMulticastServiceId, docsBpiMulticastCmMacAddress } ::= { docsBpiMulticastAuthTable 1 }
DocsBpiMulticastAuthEntry ::= SEQUENCE { docsBpiMulticastServiceId Integer32, docsBpiMulticastCmMacAddress MacAddress, docsBpiMulticastAuthControl RowStatus }
DocsBpiMulticastAuthEntry ::= SEQUENCE { docsBpiMulticastServiceId Integer32, docsBpiMulticastCmMacAddress MacAddress, docsBpiMulticastAuthControl RowStatus }
docsBpiMulticastServiceId OBJECT-TYPE SYNTAX Integer32 (8192..16368) MAX-ACCESS not-accessible STATUS current DESCRIPTION
docsBpiMulticastServiceId对象类型语法整数32(8192..16368)MAX-ACCESS不可访问状态当前说明
"This object represents the multicast SID for authorization." ::= { docsBpiMulticastAuthEntry 1 }
"This object represents the multicast SID for authorization." ::= { docsBpiMulticastAuthEntry 1 }
docsBpiMulticastCmMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object represents the MAC address of the CM to which the multicast SID authorization applies." ::= { docsBpiMulticastAuthEntry 2 }
docsBpiMulticastCmMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object represents the MAC address of the CM to which the multicast SID authorization applies." ::= { docsBpiMulticastAuthEntry 2 }
docsBpiMulticastAuthControl OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object controls and reflects the CM authorization for each multicast SID. There is no restriction on the ability to change values in this row while the row is active." ::= { docsBpiMulticastAuthEntry 3 }
docsBpiMulticastAuthControl OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object controls and reflects the CM authorization for each multicast SID. There is no restriction on the ability to change values in this row while the row is active." ::= { docsBpiMulticastAuthEntry 3 }
-- -- The BPI MIB Conformance Statements (with a placeholder for -- notifications) --
-- -- The BPI MIB Conformance Statements (with a placeholder for -- notifications) --
docsBpiNotification OBJECT IDENTIFIER ::= { docsBpiMIB 2 } docsBpiConformance OBJECT IDENTIFIER ::= { docsBpiMIB 3 } docsBpiCompliances OBJECT IDENTIFIER ::= { docsBpiConformance 1 } docsBpiGroups OBJECT IDENTIFIER ::= { docsBpiConformance 2 }
docsBpiNotification OBJECT IDENTIFIER ::= { docsBpiMIB 2 } docsBpiConformance OBJECT IDENTIFIER ::= { docsBpiMIB 3 } docsBpiCompliances OBJECT IDENTIFIER ::= { docsBpiConformance 1 } docsBpiGroups OBJECT IDENTIFIER ::= { docsBpiConformance 2 }
docsBpiBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "This is the compliance statement for devices which implement the DOCSIS Baseline Privacy Interface."
docsBpiBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION“这是实现DOCSIS基线隐私接口的设备的合规声明。”
MODULE -- docsBpiMIB
模块——docsBpiMIB
-- conditionally mandatory group GROUP docsBpiCmGroup DESCRIPTION "This group is implemented only in CMs, not in CMTSs."
--条件强制组组docsBpiCmGroup DESCRIPTION“此组仅在CMs中实现,不在CMTSs中实现。”
-- conditionally mandatory group GROUP docsBpiCmtsGroup DESCRIPTION
--条件强制组组docsBpiCmtsGroup说明
"This group is implemented only in CMTSs, not in CMs."
此组仅在CMTSs中实现,而不在CMs中实现
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmAuthGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmAuthGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmTEKGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmTEKGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range OBJECT docsBpiCmtsDefaultAuthLifetime SYNTAX Integer32 (86400..6048000) DESCRIPTION "The refined range corresponds to the minimum and maximum values in operational networks, according to Appendix A.2 in [18]."
--放宽强制范围对象DOCSBPICMTSDaultAuthLifetime语法整数32(86400..6048000)说明“根据[18]中的附录A.2,细化范围对应于操作网络中的最小值和最大值。”
-- relaxation on mandatory range OBJECT docsBpiCmtsDefaultTEKLifetime SYNTAX Integer32 (1800..604800) DESCRIPTION "The refined range corresponds to the minimum and maximum values in operational networks, according to Appendix A.2 in [18]."
--放宽强制性范围对象DOCSBPICMTSDaultTekLifetime语法整数32(1800..604800)说明“根据[18]中的附录A.2,细化范围对应于操作网络中的最小值和最大值。”
-- relaxation on mandatory range (object removed from MIB) -- OBJECT docsBpiCmtsDefaultAuthGraceTime -- SYNTAX INTEGER (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (object removed from MIB) -- OBJECT docsBpiCmtsDefaultAuthGraceTime -- SYNTAX INTEGER (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (object removed from MIB) -- OBJECT docsBpiCmtsDefaultTEKGraceTime -- SYNTAX INTEGER (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (object removed from MIB) -- OBJECT docsBpiCmtsDefaultTEKGraceTime -- SYNTAX INTEGER (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range OBJECT docsBpiCmtsAuthCmLifetime SYNTAX Integer32 (86400..6048000) DESCRIPTION
--放宽强制范围对象docsbpicmtsauthcmlLifetime语法整数32(86400..6048000)说明
"The refined range corresponds to the minimum and maximum values in operational networks, according to Appendix A.2 in [18]."
“根据[18]中的附录A.2,优化范围对应于运行网络中的最小值和最大值。”
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmtsAuthCmGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmtsAuthCmGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range OBJECT docsBpiCmtsTEKLifetime SYNTAX Integer32 (1800..604800) DESCRIPTION "The refined range corresponds to the minimum and maximum values in operational networks, according to Appendix A.2 in [18]."
--放宽强制性范围对象DOCSBPICMTSTEK寿命语法整数32(1800..604800)说明“根据[18]中的附录A.2,细化范围对应于操作网络中的最小值和最大值。”
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmtsTEKGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
-- relaxation on mandatory range (unnecessary since object is read-only) -- OBJECT docsBpiCmtsTEKGraceTime -- SYNTAX Integer32 (300..1800) -- DESCRIPTION -- "The refined range corresponds to the minimum and maximum values in -- operational networks, according to Appendix A.2 in [18]."
::= { docsBpiCompliances 1 }
::= { docsBpiCompliances 1 }
docsBpiCmGroup OBJECT-GROUP OBJECTS { docsBpiCmPrivacyEnable, docsBpiCmPublicKey, docsBpiCmAuthState, docsBpiCmAuthKeySequenceNumber, docsBpiCmAuthExpires, docsBpiCmAuthReset, docsBpiCmAuthGraceTime, docsBpiCmTEKGraceTime, docsBpiCmAuthWaitTimeout, docsBpiCmReauthWaitTimeout, docsBpiCmOpWaitTimeout, docsBpiCmRekeyWaitTimeout, docsBpiCmAuthRejectWaitTimeout, docsBpiCmAuthRequests, docsBpiCmAuthReplies, docsBpiCmAuthRejects, docsBpiCmAuthInvalids, docsBpiCmAuthRejectErrorCode, docsBpiCmAuthRejectErrorString, docsBpiCmAuthInvalidErrorCode,
docsBpiCmGroup对象组对象{docsbpicmprivacEnable,docsbpicmppublickey,docsBpiCmAuthState,docsBpiCmAuthKeySequenceNumber,docsBpiCmAuthExpires,docsBpiCmAuthReset,docsBpiCmAuthGraceTime,docsBpiCmAuthWaitTimeout,docsBpiCmAuthWaitTimeout,docsBpiCmAuthWaitTimeout,docsBpiCmAuthRejectWaitTimeout,docsBpiCmAuthRequests,docsBpiCmAuthReplies、docsBpiCmAuthRejects、docsBpiCmAuthRejects验证码、docsBpiCmAuthRejectErrorCode、docsBpiCmAuthRejectErrorString、DocsbpicmauthInvaliderErrorCode、,
docsBpiCmAuthInvalidErrorString, docsBpiCmTEKPrivacyEnable, docsBpiCmTEKState, docsBpiCmTEKExpiresOld, docsBpiCmTEKExpiresNew, docsBpiCmTEKKeyRequests, docsBpiCmTEKKeyReplies, docsBpiCmTEKKeyRejects, docsBpiCmTEKInvalids, docsBpiCmTEKAuthPends, docsBpiCmTEKKeyRejectErrorCode, docsBpiCmTEKKeyRejectErrorString, docsBpiCmTEKInvalidErrorCode, docsBpiCmTEKInvalidErrorString } STATUS current DESCRIPTION "This collection of objects provides CM BPI status and control." ::= { docsBpiGroups 1 }
docsBpiCmAuthInvalidErrorString, docsBpiCmTEKPrivacyEnable, docsBpiCmTEKState, docsBpiCmTEKExpiresOld, docsBpiCmTEKExpiresNew, docsBpiCmTEKKeyRequests, docsBpiCmTEKKeyReplies, docsBpiCmTEKKeyRejects, docsBpiCmTEKInvalids, docsBpiCmTEKAuthPends, docsBpiCmTEKKeyRejectErrorCode, docsBpiCmTEKKeyRejectErrorString, docsBpiCmTEKInvalidErrorCode, docsBpiCmTEKInvalidErrorString } STATUS current DESCRIPTION "This collection of objects provides CM BPI status and control." ::= { docsBpiGroups 1 }
docsBpiCmtsGroup OBJECT-GROUP OBJECTS { docsBpiCmtsDefaultAuthLifetime, docsBpiCmtsDefaultTEKLifetime, docsBpiCmtsAuthRequests, docsBpiCmtsAuthReplies, docsBpiCmtsAuthRejects, docsBpiCmtsAuthInvalids, docsBpiCmtsAuthCmPublicKey, docsBpiCmtsAuthCmKeySequenceNumber, docsBpiCmtsAuthCmExpires, docsBpiCmtsAuthCmLifetime, docsBpiCmtsAuthCmGraceTime, docsBpiCmtsAuthCmReset, docsBpiCmtsAuthCmRequests, docsBpiCmtsAuthCmReplies, docsBpiCmtsAuthCmRejects, docsBpiCmtsAuthCmInvalids, docsBpiCmtsAuthRejectErrorCode, docsBpiCmtsAuthRejectErrorString, docsBpiCmtsAuthInvalidErrorCode, docsBpiCmtsAuthInvalidErrorString, docsBpiCmtsTEKLifetime, docsBpiCmtsTEKGraceTime, docsBpiCmtsTEKExpiresOld, docsBpiCmtsTEKExpiresNew, docsBpiCmtsTEKReset, docsBpiCmtsKeyRequests,
docsBpiCmtsGroup对象组对象{docsBpiCmtsDefaultAuthLifetime,docsBpiCmtsDefaultTEKLifetime,docsBpiCmtsAuthRequests,docsBpiCmtsAuthReplies,docsBpiCmtsAuthRejects,docsBpiCmtsAuthInvalids,docsBpiCmtsAuthCmPublicKey,docsBpiCmtsAuthCmKeySequenceNumber,docsBpiCmtsAuthCmExpires,docsBpiCmtsAuthCmLifetime,docsBpiCmtsAuthCmReset,docsBpiCmtsAuthCm请求,docsBpiCmtsAuthCmReplies,docsBpiCmtsAuthCmRejects,docsBpiCmtsAuthRejectErrorCode,docsBpiCmtsAuthRejectErrorString,DocsbpicmtsAuthInvaliderErrorCode,DocsbpicmtsAuthInvaliderErrorString,docsBpiCmtsTEKLifetime,docsBpiCmtsTEKGraceTime,docsBpiCmtsTEKExpiresNew,docsBpiCmtsTEKReset,docsBpiCmtsTEKReset,docsBPICMTSKEQUESTS,
docsBpiCmtsKeyReplies, docsBpiCmtsKeyRejects, docsBpiCmtsTEKInvalids, docsBpiCmtsKeyRejectErrorCode, docsBpiCmtsKeyRejectErrorString, docsBpiCmtsTEKInvalidErrorCode, docsBpiCmtsTEKInvalidErrorString, docsBpiIpMulticastServiceId, docsBpiIpMulticastMapControl, docsBpiMulticastAuthControl } STATUS current DESCRIPTION "This collection of objects provides CMTS BPI status and control." ::= { docsBpiGroups 2 }
docsBpiCmtsKeyReplies, docsBpiCmtsKeyRejects, docsBpiCmtsTEKInvalids, docsBpiCmtsKeyRejectErrorCode, docsBpiCmtsKeyRejectErrorString, docsBpiCmtsTEKInvalidErrorCode, docsBpiCmtsTEKInvalidErrorString, docsBpiIpMulticastServiceId, docsBpiIpMulticastMapControl, docsBpiMulticastAuthControl } STATUS current DESCRIPTION "This collection of objects provides CMTS BPI status and control." ::= { docsBpiGroups 2 }
docsBpiObsoleteObjectsGroup OBJECT-GROUP OBJECTS { docsBpiCmtsDefaultAuthGraceTime, docsBpiCmtsDefaultTEKGraceTime } STATUS obsolete DESCRIPTION "This is a collection of obsolete BPI objects." ::= { docsBpiGroups 3 }
docsBpiObsoleteObjectsGroup OBJECT-GROUP OBJECTS { docsBpiCmtsDefaultAuthGraceTime, docsBpiCmtsDefaultTEKGraceTime } STATUS obsolete DESCRIPTION "This is a collection of obsolete BPI objects." ::= { docsBpiGroups 3 }
END
终止
This document was produced by the IPCDN Working Group. Much of the content of this MIB was conceived by Chet Birger and Mike StJohns. Kazuyoshi Ozawa and Bob Himlin provided many useful technical corrections.
本文件由IPCDN工作组编制。这个MIB的大部分内容是由Chet Birger和Mike StJohns构思的。小泽一吉和鲍勃·希姆林提供了许多有用的技术更正。
[1] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999.
[1] Harrington,D.,Presohn,R.和B.Wijnen,“描述SNMP管理框架的体系结构”,RFC 2571,1999年4月。
[2] Rose, M. and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990.
[2] Rose,M.和K.McCloghrie,“基于TCP/IP的互联网管理信息的结构和识别”,STD 16,RFC 1155,1990年5月。
[3] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991.
[3] Rose,M.和K.McCloghrie,“简明MIB定义”,STD 16,RFC 1212,1991年3月。
[4] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991.
[4] Rose,M.“定义用于SNMP的陷阱的约定”,RFC1215,1991年3月。
[5] McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Structure of e Management Information for Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[5] McCloghrie,K.,Perkins,D.和J.Schoenwaeld,“版本2(SMIv2)的电子管理信息结构”,STD 58,RFC 2578,1999年4月。
[6] McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.
[6] McCloghrie,K.,Perkins,D.和J.Schoenwaeld,“SMIv2的文本约定”,STD 58,RFC 2579,1999年4月。
[7] McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.
[7] McCloghrie,K.,Perkins,D.和J.Schoenwaeld,“SMIv2的一致性声明”,STD 58,RFC 25801999年4月。
[8] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple Network Management Protocol", STD 15, RFC 1157, May 1990.
[8] Case,J.,Fedor,M.,Schoffstall,M.和J.Davin,“简单网络管理协议”,STD 15,RFC 1157,1990年5月。
[9] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996.
[9] Case,J.,McCloghrie,K.,Rose,M.和S.Waldbusser,“基于社区的SNMPv2简介”,RFC 19011996年1月。
[10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996.
[10] Case,J.,McCloghrie,K.,Rose,M.和S.Waldbusser,“简单网络管理协议(SNMPv2)版本2的传输映射”,RFC 1906,1996年1月。
[11] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999.
[11] Case,J.,Harrington D.,Presohn R.和B.Wijnen,“简单网络管理协议(SNMP)的消息处理和调度”,RFC 2572,1999年4月。
[12] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999.
[12] Blumenthal,U.和B.Wijnen,“简单网络管理协议(SNMPv3)第3版的基于用户的安全模型(USM)”,RFC 2574,1999年4月。
[13] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996.
[13] Case,J.,McCloghrie,K.,Rose,M.和S.Waldbusser,“简单网络管理协议(SNMPv2)版本2的协议操作”,RFC 1905,1996年1月。
[14] Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC 2573, April 1999.
[14] Levi,D.,Meyer,P.和B.Stewart,“SNMP应用”,RFC2573,1999年4月。
[15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999.
[15] Wijnen,B.,Presuhn,R.和K.McCloghrie,“用于简单网络管理协议(SNMP)的基于视图的访问控制模型(VACM)”,RFC2575,1999年4月。
[16] St. Johns, M., editor, "Radio Frequency (RF) Interface Management Information Base for MCNS/DOCSIS compliant RF interfaces", RFC 2670, August 1999.
[16] 圣约翰,M.,编辑,“MCNS/DOCSIS兼容射频接口的射频(RF)接口管理信息库”,RFC 26701999年8月。
[17] St. Johns, M., editor, "DOCSIS Cable Device MIB, Cable Device Management Information Base for DOCSIS compliant Cable Modems and Cable Modem Termination Systems", RFC 2669, August 1999.
[17] 圣约翰,M.,编辑,“DOCSIS电缆设备MIB,符合DOCSIS标准的电缆调制解调器和电缆调制解调器终端系统的电缆设备管理信息库”,RFC 2669,1999年8月。
[18] "Data-Over-Cable Service Interface Specifications: Baseline Privacy Interface Specification SP-BPI-I02-990319", DOCSIS, March 1999, http://www.cablemodem.com/.
[18] “有线数据服务接口规范:基线隐私接口规范SP-BPI-I02-990319”,DOCSIS,1999年3月,http://www.cablemodem.com/.
[19] "Data-Over-Cable Service Interface Specifications: Cable Modem Radio Frequency Interface Specification SP-RFI-I05-991105", DOCSIS, November 1999, http://www.cablemodem.com/.
[19] “电缆数据服务接口规范:电缆调制解调器射频接口规范SP-RFI-I05-991105”,DOCSIS,1999年11月,http://www.cablemodem.com/.
[20] "Data-Over-Cable Service Interface Specifications: Operations Support System Interface Specification RF Interface SP-OSSI-RF-I02-990113", DOCSIS, January 1999, http://www.cablemodem.com/.
[20] “有线数据服务接口规范:操作支持系统接口规范RF接口SP-OSI-RF-I02-990113”,DOCSIS,1999年1月,http://www.cablemodem.com/.
[21] "Data-Over-Cable Service Interface Specifications: Baseline Privacy Plus Interface Specification SP-BPI+-I05-000714", DOCSIS, July 2000, http://www.cablemodem.com/.
[21] “有线数据服务接口规范:基线隐私加接口规范SP-BPI+-I05-000714”,DOCSIS,2000年7月,http://www.cablemodem.com/.
[22] RSA Laboratories, "The Public-Key Cryptography Standards", RSA Data Security Inc., Redwood City, CA.
[22] RSA实验室,“公钥加密标准”,RSA数据安全公司,加利福尼亚州红木市。
[23] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[23] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[24] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999.
[24] Case,J.,Mundy,R.,Partain,D.,和B.Stewart,“互联网标准网络管理框架第3版简介”,RFC 25701999年4月。
The Baseline Privacy Interface provides data encryption for DOCSIS data-over-cable services. Baseline Privacy-capable cable modems have RSA private/public key pairs installed by manufacturers. The public key is used to encrypt an Authorization key, and the Authorization key is used to encrypt one or more Traffic Encryption Keys (TEKs). The TEKs are used to encrypt both upstream and downstream data traffic. Please refer to [18] to obtain further information on the Baseline Privacy specification.
基线隐私接口通过有线服务为DOCSIS数据提供数据加密。基线隐私功能电缆调制解调器具有制造商安装的RSA私钥/公钥对。公钥用于加密授权密钥,授权密钥用于加密一个或多个流量加密密钥(TEK)。TEK用于加密上游和下游数据流量。有关基线隐私规范的更多信息,请参考[18]。
In particular, the Baseline Privacy Interface does not provide an authentication service. CMTS implementors are encouraged not to rely on the MAC address of the CM for service authorization -- in particular, for the docsBpiMulticastAuthTable in this MIB. The Baseline Privacy Plus Interface does provide a CM authentication service, and the working group expects to issue a MIB for the management of BPI+ at a later time.
特别是,基线隐私接口不提供身份验证服务。鼓励CMTS实现者不要依赖CM的MAC地址进行服务授权——特别是对于此MIB中的DOCSBPIMulticCastAuthTable。基线Privacy Plus接口确实提供了CM身份验证服务,工作组希望稍后发布一个用于管理BPI+的MIB。
This MIB specification contains a number of read-write objects, that should be protected from unauthorized modification to prevent denial of service and theft of service attacks: in particular, objects that reset state machines (ex. docsBpiCmAuthReset), change key lifetimes (ex. docsBpiCmtsDefaultAuthLifetime), change rekeying grace times (ex. docsBpiCmtsDefaultAuthGraceTime), and control multicast traffic (ex. most objects in the docsBpiMulticastControl group).
此MIB规范包含许多读写对象,应保护这些对象不受未经授权的修改,以防止拒绝服务和服务盗窃攻击:特别是重置状态机(例如docsBpiCmAuthReset)、更改密钥生存期(例如docsBpiCmtsDefaultAuthLifetime)、更改密钥更新宽限期的对象(例如docsBpiCmtsDefaultAuthGraceTime)和控制多播通信量(例如Docsbpi多播控制组中的大多数对象)。
The desired means to protect these objects from unwarranted access is to implement the security features as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model [12] and the View-based Access Control Model [15] is recommended.
保护这些对象免受不正当访问的理想方法是实现SNMPv3框架提供的安全特性。具体而言,建议使用基于用户的安全模型[12]和基于视图的访问控制模型[15]。
Weaker methods to protect CMs from unauthorized access include using the docsDevNmAccessTable from the Cable Device MIB [17] to disallow configuration changes from unauthorized network management stations, and using the SNMP MIB Object and SNMP Write-Access Control configuration file options from the Radio Frequency Interface [19] to set MIB object values and disable SNMP SET operations at cable modem boot time. Note that these mechanisms may be vulnerable to an unauthorized network management station "spoofing" the source address of a legitimate network management station.
保护CMs免受未经授权访问的较弱方法包括使用电缆设备MIB的Docsdevnmaccestable[17]禁止未经授权的网络管理站更改配置,以及使用射频接口的SNMP MIB对象和SNMP写入访问控制配置文件选项[19]在电缆调制解调器启动时设置MIB对象值并禁用SNMP设置操作。请注意,这些机制可能容易受到未经授权的网络管理站“欺骗”合法网络管理站的源地址的攻击。
The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何努力来确定任何此类权利。有关IETF在标准跟踪和标准相关文件中权利的程序信息,请参见BCP-11。可从IETF秘书处获得可供发布的权利声明副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果。
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涉及实施本标准所需技术的专有权利。请将信息发送给IETF执行董事。
Richard Woundy Cisco Systems 250 Apollo Drive Chelmsford, MA 01824 U.S.A.
Richard Woundy Cisco Systems美国马萨诸塞州切姆斯福德阿波罗大道250号01824。
Phone: +1 978 244 8000 EMail: rwoundy@cisco.com
Phone: +1 978 244 8000 EMail: rwoundy@cisco.com
Copyright (C) The Internet Society (2001). All Rights Reserved.
版权所有(C)互联网协会(2001年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。