Network Working Group                                         C. DeSanti
Request for Comments: 4936                                    H.K. Vivek
Category: Standards Track                                  K. McCloghrie
                                                           Cisco Systems
                                                                  S. Gai
                                                           Nuova Systems
                                                             August 2007


                     Fibre Channel Zone Server MIB

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects for information related
   to a Fibre Channel Zone Server.






















DeSanti, et al.             Standards Track                     [Page 1]


RFC 4936                   FC Zone Server MIB                August 2007


Table of Contents

   1. Introduction ....................................................3
   2. The Internet-Standard Management Framework ......................3
   3. Overview of Fibre Channel .......................................3
      3.1. General Overview ...........................................3
      3.2. Zoning .....................................................4
      3.3. Zoning Configuration and Management ........................5
   4. Relationship to Other MIBs ......................................7
   5. MIB Overview ....................................................8
      5.1. Fibre Channel Management Instance ..........................8
      5.2. Switch Index ...............................................8
      5.3. Fabric Index ...............................................8
      5.4. Locking the Fabric .........................................9
      5.5. Basic and Enhanced Modes ..................................10
      5.6. Persistent Storage ........................................10
      5.7. The Active Zone Set and the Zone Set Database .............11
      5.8. Conformance Groups ........................................12
   6. The T11-FC-FABRIC-LOCK-MIB Module ..............................13
   7. The T11-FC-ZONE-SERVER-MIB Module ..............................24
   8. IANA Considerations ............................................79
   9. Security Considerations ........................................79
   10. Acknowledgements ..............................................80
   11. Normative References ..........................................81
   12. Informative References ........................................82


























DeSanti, et al.             Standards Track                     [Page 2]


RFC 4936                   FC Zone Server MIB                August 2007


1.  Introduction

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects for information related
   to a Fibre Channel network's Zone Server.

   This memo was previously approved by INternational Committee for
   Information Technology Standards (INCITS) Task Group T11.5
   (http://www.t11.org); this document is a product of the IETF's IMSS
   working group.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14, RFC 2119
   [RFC2119].

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].

3.  Overview of Fibre Channel

3.1.  General Overview

   The Fibre Channel (FC) is logically a bidirectional point-to-point
   serial data channel, structured for high performance.  Fibre Channel
   provides a general transport vehicle for higher-level protocols such
   as Small Computer System Interface (SCSI) command sets, the High-
   Performance Parallel Interface (HIPPI) data framing, IP (Internet
   Protocol), IEEE 802.2, and others.

   Physically, Fibre Channel is an interconnection of multiple
   communication points, called N_Ports, interconnected either by a
   switching network, called a Fabric, or by a point-to-point link.  A
   Fibre Channel "node" consists of one or more N_Ports.  A Fabric may
   consist of multiple Interconnect Elements, some of which are



DeSanti, et al.             Standards Track                     [Page 3]


RFC 4936                   FC Zone Server MIB                August 2007


   switches.  An N_Port connects to the Fabric via a port on a switch
   called an F_Port.  When multiple FC nodes are connected to a single
   port on a switch via an "Arbitrated Loop" topology, the switch port
   is called an FL_Port, and the nodes' ports are called NL_Ports.  The
   term Nx_Port is used to refer to either an N_Port or an NL_Port.  The
   term Fx_Port is used to refer to either an F_Port or an FL_Port.  A
   switch port, which is interconnected to another switch port via an
   Inter-Switch Link (ISL), is called an E_Port.  A B_Port connects a
   bridge device with an E_Port on a switch; a B_Port provides a subset
   of E_Port functionality.

   Many Fibre Channel components, including the Fabric, each node, and
   most ports, have globally unique names.  These globally unique names
   are typically formatted as World Wide Names (WWNs).  More information
   on WWNs can be found in [FC-FS].  WWNs are expected to be persistent
   across agent and unit resets.

   Fibre Channel frames contain 24-bit address identifiers that identify
   the frame's source and destination ports.  Each FC port has both an
   address identifier and a WWN.  For an Nx_Port, its WWN is called a
   N_Port_Name and its address identifier is called an N_Port_ID.  When
   a Fabric is in use, the FC address identifiers are dynamic and are
   assigned by a switch.  Each octet of a 24-bit address represents a
   level in an address hierarchy, with a Domain_ID being the highest
   level of the hierarchy.

3.2.  Zoning

   Zones within a Fabric provide a mechanism to control frame delivery
   between Nx_Ports ("Hard Zoning") or to expose selected views of Name
   Server information ("Soft Zoning").

   Communication is only possible when the communicating endpoints are
   members of a common zone.  This technique is similar to virtual
   private networks in that the Fabric has the ability to group devices
   into Zones.

   Hard zoning and soft zoning are two different means of realizing
   this.  Hard zoning is enforced in the Fabric (i.e., switches) whereas
   soft zoning is enforced at the endpoints (e.g., host bus adapters
   (HBAs)) by relying on the endpoints to not send traffic to an
   N_Port_ID not obtained from the Name Server with a few exceptions for
   well-known N_Port_IDs used to bootstrap the Fabric (e.g., talk to the
   Name Server).

   Administrators create Zones to increase network security and to
   prevent data loss or corruption by controlling access between devices
   or user groups.  Zones may be specifically used to create:



DeSanti, et al.             Standards Track                     [Page 4]


RFC 4936                   FC Zone Server MIB                August 2007


      a) Barriers between devices that use different operating systems.
         It is often critical to separate servers and storage devices
         with different operating systems because accidental transfer of
         information from one to another may delete or corrupt data;

      b) Logical subsets of closed user groups.  Administrators may
         authorize access rights to specific Zones for specific user
         groups, thereby protecting confidential data from unauthorized
         access;

      c) Groups of devices that are separate from devices in the rest of
         a Fabric.  Zones allow certain processes to be performed on
         devices in a group without interrupting devices in other
         groups; or

      d) Temporary access between devices for specific purposes.
         Administrators may remove Zone restrictions temporarily, then
         restore Zone restrictions to perform normal processes.

3.3.  Zoning Configuration and Management

   Zones are configured via a Fabric Zone Server, using requests defined
   in [FC-GS-5]), or via the T11-FC-ZONE-SERVER-MIB module defined in
   this memo, or via some other mechanism.

   An Nx_Port may be a member of one or more Zones.  Zone membership may
   be specified by:

      a) The N_Port_Name of the Nx_Port connected to the switch;
      b) The N_Port_ID assigned during Fabric Login;
      c) The Node_Name associated with the Nx_Port; note that the
         Node_Name may include more than one Nx_Port;
      d) The F_Port_Name of the Fx_Port to which the Nx_Port is
         connected; or
      e) The domain identifier (Domain_ID) and physical port number of
         the Switch Port to which the Nx_Port is attached.

   A Fabric's Zone Server may be used to create a Zone by specifying the
   Zone Members.  One or more Zones may be collected into a Zone Set,
   and a Zone may be a member of more than one Zone Set.  A Zone Set
   creates a collection of Zones that may be activated or deactivated as
   a single entity across all Switches in a Fabric (e.g., having two
   Zone Sets, one for normal operation, and a second for backup during
   off-hours).  Only one Zone Set may be activated at one time.

   Other terminology defined in [FC-GS-5] is:  an Active Zone Set is the
   Zone Set currently enforced by a Fabric; a Zone Set Database is a
   database of the Zone Sets available to be activated within a Fabric;



DeSanti, et al.             Standards Track                     [Page 5]


RFC 4936                   FC Zone Server MIB                August 2007


   and a Zoning Database is a generic term used to indicate a
   combination of an Active Zone Set and a Zone Set Database.

   Two distinct sets of management requests, Enhanced and Basic, are
   defined in [FC-GS-5] to interact with a Fabric Zone Server.  Basic
   Zoning provides compatibility with [FC-GS-4] and earlier versions of
   Fibre Channel's Generic Services specification.  If all the Switches
   in a Fabric support the Enhanced request set, then it may be used to
   manage zoning; otherwise, only the Basic request set may be used, in
   order to support backward compatibility.

   In the context of Enhanced Zoning Management, a management action
   (i.e., write access to the Zoning Database) to the Zone Server can
   only occur inside a server session.  A server session is set up using
   the FC-GS-5's Common Transport (CT) protocol defined in [FC-GS-5].  A
   server session is delimited by CT protocol requests, Server Session
   Begin (SSB) and Server Session End (SSE), which are directed to the
   Management Service and which have the GS_Subtype specifying the Zone
   Server.  Query requests that result in read access to the Zoning
   Database are not required to be issued inside a server session,
   although the information returned is not guaranteed to be consistent
   when supplied outside of a server session.

   When setting up a server session for Enhanced Zoning, the Zone Server
   is required to lock the Fabric.  This ensures serialized management
   access to the Zoning Database and guarantees a deterministic
   behavior.  The switch that receives the SSB request is called the
   'managing' switch, and it tries to lock the Fabric using the Fabric
   Management Session Protocol (see section 10.6 of [FC-SW-4]) by
   sending an Acquire Change Authorization (ACA) request to all other
   switches in the Fabric.  If any switch(es) respond with an SW_RJT
   indicating failure, then the attempt to lock the Fabric fails and the
   SSB request is rejected.  If all the other switches respond with an
   SW_ACC indicating success, then the Fabric is locked and the server
   session can be established.  The subsequent SSE request causes a
   Release Change Authorization (RCA) request to all other switches, and
   thus, the Fabric to be unlocked.

   For at least one application other than Zoning, the managing switch
   uses a different type of request to lock the Fabric, i.e., it sends
   an Enhanced Acquire Change Authorization (EACA) request to all other
   switches in the Fabric.  An EACA reserves local resources associated
   with a designated application to ensure the consistency of that
   application's data.  The application is identified in the EACA using
   an Application_ID (see Table 116 in [FC-SW-4]).  A lock that was
   established via an EACA is released using an Enhanced Release Change
   Authorization (ERCA) request.




DeSanti, et al.             Standards Track                     [Page 6]


RFC 4936                   FC Zone Server MIB                August 2007


   Changes requested in a Zoning Database by Enhanced Zoning commands
   persist after the end of the Zoning (server) session only if the
   commands are followed, within the same server session, by a Commit
   Zone Changes (CMIT) request.  On receipt of a CMIT request, the Zone
   Server checks that the Zoning Database as modified by the outstanding
   changes will pass the applicable consistency checks, and then
   distributes it to all other switches in the Fabric using a Stage
   Fabric Configuration Update (SFC) request.  If all other switches
   accept the SFC request, then the "managing" switch sends an Update
   Fabric Configuration (UFC) Request to each other switch, and the
   staged Zoning Database thereby becomes the Fabric's (active) Zoning
   Database.

   The latest standard for an interconnecting Fabric containing multiple
   Fabric Switch elements is [FC-SW-4].  [FC-SW-4] carries forward the
   earlier specification for the operation of a single Fabric in a
   physical infrastructure, and augments it with the definition of
   Virtual Fabrics and with the specification of how multiple Virtual
   Fabrics can operate within one (or more) physical infrastructures.
   The use of Virtual Fabrics provides for each frame to be tagged in
   its header to indicate which one of several Virtual Fabrics that
   frame is being transmitted on.  All frames entering a particular
   "Core Switch" [FC-SW-4] (i.e., a physical switch) on the same Virtual
   Fabric are processed by the same "Virtual Switch" within that Core
   switch.

4.  Relationship to Other MIBs

   The Fibre Channel Management MIB [RFC4044] defines basic information
   for Fibre Channel hosts and switches, including extensions to the
   standard IF-MIB [RFC2863] for Fibre Channel interfaces.

   This MIB extends beyond [RFC4044] to cover the management of Fibre
   Channel Zoning Servers, both for Basic Zoning Management and for
   Enhanced Zoning Management, as defined in the FC-GS-5 specification.

   This MIB imports some common Textual Conventions from T11-TC-MIB,
   defined in [RFC4439].  It also imports a TC from T11-FC-NAME-SERVER-
   MIB, defined in [RFC4438], plus InetAddressType and InetAddress from
   INET-ADDRESS-MIB [RFC4001].  It also includes a reference to
   snmpCommunitySecurityName defined in [RFC3584].










DeSanti, et al.             Standards Track                     [Page 7]


RFC 4936                   FC Zone Server MIB                August 2007


5.  MIB Overview

   This document defines two MIB modules: T11-FC-FABRIC-LOCK-MIB and
   T11-FC-ZONE-SERVER-MIB.

   T11-FC-FABRIC-LOCK-MIB supports FC-GS-5's generic capability of
   locking the Fabric for a particular "application" such as (the
   management of) Enhanced Zoning.  The MIB contains one table in which
   each entry represents a particular switch being the 'managing' switch
   of a particular application's Fabric lock.

   T11-FC-ZONE-SERVER-MIB is specific to the operation of Zone Servers,
   which can operate in Basic mode or in Enhanced mode.  This MIB module
   imports the T11NsGs4RejectReasonCode textual convention defined in
   T11-FC-NAME-SERVER-MIB [RFC4438].

5.1.  Fibre Channel Management Instance

   A Fibre Channel management instance is defined in [RFC4044] as a
   separable managed instance of Fibre Channel functionality.  Fibre
   Channel functionality may be grouped into Fibre Channel management
   instances in whatever way is most convenient for the
   implementation(s).  For example, one such grouping accommodates a
   single SNMP agent having multiple AgentX [RFC2741] sub-agents, with
   each sub-agent implementing a different Fibre Channel management
   instance.

   The object, fcmInstanceIndex, is IMPORTed from the FC-MGMT-MIB
   [RFC4044] as the index value to uniquely identify each Fibre Channel
   management instance, for example, within the same SNMP context
   ([RFC3411], section 3.3.1).

5.2.  Switch Index

   The FC-MGMT-MIB [RFC4044] defines the fcmSwitchTable as a table of
   information about Fibre Channel switches that are managed by Fibre
   Channel management instances.  Each Fibre Channel management instance
   can manage one or more Fibre Channel switches.  The Switch Index,
   fcmSwitchIndex, is IMPORTed from the FC-MGMT-MIB as the index value
   to uniquely identify a Fibre Channel switch amongst those (one or
   more) managed by the same Fibre Channel management instance.

5.3.  Fabric Index

   Whether operating on a physical Fabric (i.e., without Virtual
   Fabrics) or within a Virtual Fabric, the operation of a Zone Server
   within a Fabric is identical.  Therefore, this MIB defines all
   Fabric-related information in tables that are INDEXed by an arbitrary



DeSanti, et al.             Standards Track                     [Page 8]


RFC 4936                   FC Zone Server MIB                August 2007


   integer, named a "Fabric Index", having the syntax, T11FabricIndex,
   which is IMPORTed from the T11-TC-MIB [RFC4439].  When a device is
   connected to a single physical Fabric, without use of any Virtual
   Fabrics, the value of this Fabric Index will always be 1.  In an
   environment of multiple virtual and/or physical Fabrics, this index
   provides a means to distinguish one Fabric from another.

   It is quite possible, and may even be likely, that a Fibre Channel
   switch will have ports connected to multiple virtual and/or physical
   Fabrics.  Thus, in order to simplify a management protocol query
   concerning all the Fabrics to which a single switch is connected,
   fcmSwitchIndex will be listed before an object with FabricIndex as
   its syntax when both appear in the same INDEX clause.

5.4.  Locking the Fabric

   The T11-FC-FABRIC-LOCK-MIB module provides for the management of
   locks on a Fibre Channel Fabric.  A Fibre Channel Fabric lock is used
   to ensure serialized access to some types of management data related
   to a Fabric, e.g., the Fabric's Zoning Database.

   Some (managing) applications obtain a lock by initiating server
   sessions and the Fabric is locked so as to reserve local resources in
   each Switch.  For this usage, the managing switch sends an Acquire
   Change Authorization (ACA) request to other switches in order to lock
   the Fabric.

   For some other applications, a managing switch locks the Fabric using
   an Enhanced Acquire Change Authorization (EACA) request, which
   identifies the application on whose behalf the Fabric is being locked
   with an Application_ID.  In this case, only local resources
   associated with the designated application are reserved.

   Locks established via ACAs and via EACAs are both represented in the
   t11FLockTable in the T11-FC-FABRIC-LOCK-MIB.  The Application_ID
   provided by the EACA serves to distinguish between multiple
   concurrent locks established by EACAs.  In order to use this same
   mechanism to distinguish a lock established via an ACA from each of
   those established via EACAs, an additional (special) value of
   Application_ID has been assigned [APPL-ID] for use by this MIB
   module.  Specifically, this newly assigned value will never be used
   to indicate an Application locked by an EACA, and therefore this MIB
   module uses it to uniquely distinguish a lock established via an ACA.
   In other words, with this additional assignment, an Application_ID
   value can be used to uniquely identify any active lock amongst all
   those established (on the same Fabric) either by an EACA or an ACA.





DeSanti, et al.             Standards Track                     [Page 9]


RFC 4936                   FC Zone Server MIB                August 2007


5.5.  Basic and Enhanced Modes

   The t11ZsServerOperationMode object indicates whether a Fabric's Zone
   Server is operating in Basic mode or Enhanced mode.  These two modes
   have a sufficient amount of commonality to make it worthwhile to have
   one set of MIB objects that are used for the subset of functionality
   that is common to both modes.  To accommodate the differences,
   additional MIB objects are defined.

   For Enhanced mode, the additional objects are defined in a group,
   t11ZsEnhancedModeGroup, which is only required to be implemented in a
   Zone Server capable of supporting Enhanced mode.  The objects
   specific to Basic mode are always (even in Enhanced mode) expected to
   be implemented, but when in Enhanced mode, their values are either
   restricted or do not affect current operations, e.g.,

    - an example of "restricted" is:  the distribution of updates to the
      Zone Server database throughout the Fabric has to be requested
      explicitly in Basic mode; this functionality is provided in the
      MIB by the t11ZsServerDistribute object.  In contrast, in Enhanced
      mode, the distribution is an implicit part of the commit function
      which is initiated using the t11ZsServerCommit object.  Thus, when
      operating in Enhanced mode, t11ZsServerDistribute has a fixed
      value, and when operating in Basic mode, t11ZsServerCommit has a
      fixed value.

    - an example of "do not affect current operations" is:
      t11ZsServerHardZoning, which specifies whether a switch enforces
      hard Zoning on a Fabric when in Basic mode.  This object is
      instantiated and could even be modified while in Enhanced mode,
      but its value only takes effect when in Basic mode.  (Note that in
      Enhanced mode, t11ZsActiveZoneHardZoning specifies whether hard
      Zoning is enabled on a particular Zone.)

5.6.  Persistent Storage

   A Zone Server Database for a given Fabric consists of the combination
   of many of the tables defined in this MIB module.  In order to ensure
   that such a Database is consistent, this MIB module defines just one
   object (t11ZsServerDatabaseStorageType) with a syntax of StorageType,
   whose value for a given Fabric is defined to be applicable to all of
   that Fabric's Zone Server Database as defined in all the tables in
   this MIB module.








DeSanti, et al.             Standards Track                    [Page 10]


RFC 4936                   FC Zone Server MIB                August 2007


5.7.  The Active Zone Set and the Zone Set Database

   As described in FC-GS-5 [FC-GS-5], one of the Zone Sets in the Zone
   Set Database can be activated to become the Active Zone Set, i.e.,
   the one which is enforced on the Fabric.  Get/Add/Remove-type
   requests are defined in FC-GS-5 to allow access to the Zone Set
   Database.  When the Zone Set Database is modified, such modifications
   don't affect the Active Zone Set unless and until a subsequent
   activation.  Interaction directly with the Active Zone Set is also
   possible via the FC-GS-5 requests: 'Activate Direct' and 'Get Active
   Zone Set'.  This is illustrated in the following rendition of Figure
   15 of [FC-GS-5]:

                   Zone Set Database
                 +------------------+
                 | +--------------+ |
        Get      | | Zone Set A   | |
       <=========| |(zones, zone  | |
                 | | members,etc.)| |
                 | +--------------+ |
        Add/     |  | Zone Set B |  |    Activate     +------------+
        Remove   |  +------------+  |    Zone Set     |            |
       =========>|   |Zone Set C|   |================>|            |
                 |   +----------+   |                 |   Active   |
                 +------------------+                 |    Zone    |
                                                      |    Set     |
        Get Active Zone Set                           | (enforced) |
       <==============================================|            |
                                                      |            |
        Activate Direct                               |            |
       ==============================================>|            |
                                                      |            |
        Deactivate                                    |            |
       ==============================================>|            |
                                                      +------------+

   The T11-FC-ZONE-SERVER-MIB module, defined in section 7, models the
   above structure by having one set of MIB tables for the Zone Set
   Database and a separate set for the Active Zone Set, specifically:

    - seven tables for the Zone Set Database:  t11ZsSetTable,
      t11ZsZoneTable, t11ZsSetZoneTable, t11ZsAliasTable,
      t11ZsZoneMemberTable, t11ZsAttribBlockTable and t11ZsAttribTable.

    - four tables for the Active Zone Set:  t11ZsActiveTable,
      t11ZsActiveZoneTable, t11ZsActiveZoneMemberTable and
      t11ZsActiveAttribTable.




DeSanti, et al.             Standards Track                    [Page 11]


RFC 4936                   FC Zone Server MIB                August 2007


5.8.  Conformance Groups

5.8.1.  The t11ZsBasicGroup

   This group contains objects to retrieve and to modify the Zoning
   configuration of a Zone Server capable of operating in Basic mode.

5.8.2.  The t11ZsEnhancedModeGroup

   This group contains objects to retrieve and to modify the Zoning
   configuration of a Zone Server capable of operating in Enhanced mode.

5.8.3.  The t11ZsActivateGroup

   This group contains objects that allow a Zone Set to be activated via
   SNMP SetRequests and provide the status and result of such an
   activation.

5.8.4.  The t11ZsStatisticsGroup

   This group contains objects for collecting Zone Server statistics.

5.8.5.  The t11ZsNotificationGroup

   This group contains notifications for monitoring:  Zone merge
   successes and failures, Zone Server request rejections, changes in
   the Default Zoning behavior, and the success or failure of an attempt
   to activate or deactivate a Zone Set.

5.8.5.1.  Flow-Control for Notifications

   When defining SNMP notifications for events that occur in the data-
   plane, the maximum frequency of their generation needs to be
   considered.  Unless there is some limiting factor, such notifications
   need to be flow-controlled in some way, e.g., defined such that after
   some maximum number have occurred within a specified time interval,
   further notifications are suppressed for some subsequent time
   interval.  However, as and when such a suppression occurs, the
   Network Management System (NMS) that didn't receive the notifications
   (because they were suppressed) needs an indication of how many were
   suppressed.  Therefore, an additional Counter32 object needs to be
   defined, and/or a new type of notification needs to be defined for
   use at the end of the interval.  While this is extra complexity, it
   is necessary for notifications that need to be flow-controlled.

   In contrast, for notifications such as all those defined in this MIB
   module, which are generated due to control-plane events (and are not
   able to start a chain reaction):



DeSanti, et al.             Standards Track                    [Page 12]


RFC 4936                   FC Zone Server MIB                August 2007


   - estimating the maximum number that could be generated per unit time
     for each type of notification is too simplistic.  For example, it's
     unreasonable to ask how many of the t11ZsDefZoneChangeNotify
     notifications can be generated in a time interval because it
     depends on several factors: how many operators can be re-
     configuring the network at the same time? and how frequently can
     each of them change the Default Zone Setting?

   - the extra complexity of flow-controlling these types of
     notifications is not warranted.

5.8.6.  The t11ZsNotificationControlGroup

   This group contains objects that allow each type of notification (in
   the t11ZsNotificationGroup group) to be independently enabled or
   disabled.  It also contains objects that are used to include useful
   information in those notifications; these objects are defined as
   read-only to allow the values contained in the most recent
   notification to be queried.

6.  The T11-FC-FABRIC-LOCK-MIB Module

T11-FC-FABRIC-LOCK-MIB  DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    mib-2                              FROM SNMPv2-SMI   -- [RFC2578]
    RowStatus                          FROM SNMPv2-TC    -- [RFC2579]
    MODULE-COMPLIANCE, OBJECT-GROUP    FROM SNMPv2-CONF  -- [RFC2580]
    InetAddressType, InetAddress       FROM
                                       INET-ADDRESS-MIB  -- [RFC4001]
    fcmInstanceIndex, fcmSwitchIndex   FROM FC-MGMT-MIB  -- [RFC4044]
    T11NsGs4RejectReasonCode           FROM
                                 T11-FC-NAME-SERVER-MIB  -- [RFC4438]
    T11FabricIndex                     FROM T11-TC-MIB;  -- [RFC4439]

t11FabricLockMIB  MODULE-IDENTITY
    LAST-UPDATED  "200706270000Z"
    ORGANIZATION  "For the initial versions, T11.
                   For later versions, the IETF's IMSS Working Group."
    CONTACT-INFO
           "      Claudio DeSanti
                  Cisco Systems, Inc.
                  170 West Tasman Drive
                  San Jose, CA 95134 USA
                  EMail: cds@cisco.com

                  Keith McCloghrie



DeSanti, et al.             Standards Track                    [Page 13]


RFC 4936                   FC Zone Server MIB                August 2007


                  Cisco Systems, Inc.
                  170 West Tasman Drive
                  San Jose, CA 95134 USA
                  EMail: kzm@cisco.com"

    DESCRIPTION
           "The MIB module for the management of locks on a Fibre
           Channel Fabric.  A Fibre Channel Fabric lock is used to
           ensure serialized access to some types of management data
           related to a Fabric, e.g., the Fabric's Zoning Database.

           Some (managing) applications generate Fabric locks by
           initiating server sessions.  Server sessions are
           defined generically in FC-GS-5 to represent a collection of
           one or more requests to the session's server, e.g., to the
           Zone Server.  Such a session is started by a Server Session
           Begin (SSB) request, and terminated by a Server Session End
           (SSE) request.  The switch receiving the SSB is called the
           'managing' switch.  Some applications require the
           'managing' switch to lock the Fabric for the particular
           application, e.g., for Enhanced Zoning, before it can
           respond successfully to the SSB.  On receipt of the
           subsequent SSE, the lock is released.  For this usage, the
           managing switch sends an Acquire Change Authorization (ACA)
           request to other switches to lock the Fabric.

           For some other applications, a managing switch locks the
           Fabric using an Enhanced Acquire Change Authorization (EACA)
           request, which identifies the application on whose behalf
           the Fabric is being locked with an Application_ID.

           Fabric locks can also be requested more directly, e.g.,
           through the use of this MIB.  In these situations, the term
           'managing' switch is used to indicate the switch that
           receives such a request and executes it by issuing either
           ACA or EACA requests to other switches in the Fabric.

           This MIB module defines information about the 'managing'
           switch for currently-active Fabric locks.

           Copyright (C) The IETF Trust (2007).  This version
           of this MIB module is part of RFC 4936;  see the RFC
           itself for full legal notices."
    REVISION  "200706270000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 4936."
    ::= { mib-2 159 }




DeSanti, et al.             Standards Track                    [Page 14]


RFC 4936                   FC Zone Server MIB                August 2007


t11FLockMIBObjects       OBJECT IDENTIFIER ::= { t11FabricLockMIB 1 }
t11FLockMIBConformance   OBJECT IDENTIFIER ::= { t11FabricLockMIB 2 }
t11FLockMIBNotifications OBJECT IDENTIFIER ::= { t11FabricLockMIB 0 }
t11FLockConfiguration    OBJECT IDENTIFIER ::= { t11FLockMIBObjects 1 }

--
-- The table of Managing Switches and their Fabric Locks
--

t11FLockTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11FLockEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about the 'managing'
           switch of each current Fabric lock, e.g., for the
           types of Servers defined in FC-GS-5.

           Each entry in this table represents either:

           1) a current Fabric lock,
           2) an in-progress attempt, requested via SNMP, to set up
              a lock, or
           3) a failed attempt, requested via SNMP, to set up a lock.

           If an entry is created via t11FLockRowStatus, but the
           attempt to obtain the lock fails, then the entry continues
           to exist until it is deleted via t11FLockRowStatus, or
           it is overwritten by the lock being established via
           a means other than SNMP.  However, rows created via
           t11FLockRowStatus are not retained over restarts."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, sections 4.9.5 and 6.4.10.2."
    ::= { t11FLockConfiguration 1 }

t11FLockEntry OBJECT-TYPE
    SYNTAX       T11FLockEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information specific to a current
           Fabric lock set up by a particular 'managing' switch on a
           particular Fabric.  The 'managing switch' is identified by
           values of fcmInstanceIndex and fcmSwitchIndex.

           Server sessions for several different types of servers
           are defined in FC-GS-5.  The behavior of a server with



DeSanti, et al.             Standards Track                    [Page 15]


RFC 4936                   FC Zone Server MIB                August 2007


           respect to commands received within a server session is
           specified for each type of server.  For some types,
           parameter changes can only be made within the context of a
           session, and the setting up of a session requires that the
           Fabric be locked.  A Fabric is locked by one switch, called
           the 'managing' switch, sending Acquire Change Authorization
           (ACA) requests to all other switches in the Fabric.

           For other applications, a Fabric lock is established by the
           'managing' switch sending Enhanced Acquire Change
           Authorization (EACA) requests to other switches in the
           Fabric.  Each EACA request includes an Application_ID
           value to identify the application requesting the lock.

           For the benefit of this MIB module, a distinct value of
           Application_ID has also been assigned/reserved (see
           ANSI INCITS T11/06-679v0, titled 'FC-SW-5 Letter to
           T11.5') as a means of distinguishing locks established via
           Acquire Change Authorization (ACA) requests.  This
           additional assignment allows an Application_ID to be used to
           uniquely identify any active lock amongst all those
           established by either an EACA or an ACA.

           Whenever a Fabric is locked, by the sending of either an ACA
           or an EACA, a row gets created in the representation of this
           table for the 'managing' switch.

           In order to process SNMP SetRequests that make parameter
           changes for the relevant types of servers (e.g., to the
           Zoning Database), the SNMP agent must get serialized access
           to the Fabric (for the relevant type of management data),
           i.e., the Fabric must be locked by creating an entry in
           this table via an SNMP SetRequest.  Creating an entry in
           this table via an SNMP SetRequest causes an ACA or an EACA
           to be sent to all other switches in the Fabric.  The value
           of t11FLockApplicationID for such an entry determines
           whether an ACA or an EACA is sent.

           If an entry in this table is created by an SNMP SetRequest,
           the value of the t11FLockInitiatorType object in that entry
           will normally be 'snmp'.  A row for which the value of
           t11FLockInitiatorType is not 'snmp' cannot be modified
           via SNMP.  In particular, it cannot be deleted via
           t11FLockRowStatus.  Note that it's possible for a row to be
           created by an SNMP SetRequest, but for the setup of the lock
           to fail, and immediately thereafter be replaced by a lock
           successfully set up by some other means; in such a case, the
           value of t11FLockInitiatorType would change as and when the



DeSanti, et al.             Standards Track                    [Page 16]


RFC 4936                   FC Zone Server MIB                August 2007


           lock was set up by the other means, and so the row could
           not thereafter be deleted via t11FLockRowStatus.

           FC-GS-5 mentions various error situations in which a
           Fabric lock is released so as to avoid a deadlock.  In
           such situations, the agent removes the corresponding row
           in this table as and when the lock is released.  This can
           happen for all values of t11FLockInitiatorType."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, sections 4.9.5.5 and 6.4.7.1.

           Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, sections 6.1.17, 10.6.6, and 13.2,
           and table 116.

           'FC-SW-5 Letter to T11.5' ANSI INCITS T11/06-679v0,
           http://www.t11.org/ftp/t11/pub/fc/sw-5/06-679v0.pdf,
           21 September 2006."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex, t11FLockFabricIndex,
              t11FLockApplicationID }
    ::= { t11FLockTable 1 }

T11FLockEntry ::= SEQUENCE {
    t11FLockFabricIndex             T11FabricIndex,
    t11FLockApplicationID           OCTET STRING,
    t11FLockInitiatorType           INTEGER,
    t11FLockInitiator               OCTET STRING,
    t11FLockInitiatorIpAddrType     InetAddressType,
    t11FLockInitiatorIpAddr         InetAddress,
    t11FLockStatus                  INTEGER,
    t11FLockRejectReasonCode        T11NsGs4RejectReasonCode,
    t11FLockRejectReasonCodeExp     OCTET STRING,
    t11FLockRejectReasonVendorCode  OCTET STRING,
    t11FLockRowStatus               RowStatus
}

t11FLockFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique index value that uniquely identifies a
           particular Fabric.

           In a Fabric conformant to FC-SW-4, multiple Virtual Fabrics
           can operate within one (or more) physical infrastructures,
           and this index value is used to uniquely identify a



DeSanti, et al.             Standards Track                    [Page 17]


RFC 4936                   FC Zone Server MIB                August 2007


           particular (physical or virtual) Fabric within a physical
           infrastructure.

           In a Fabric conformant to versions earlier than FC-SW-4,
           only a single Fabric could operate within a physical
           infrastructure, and thus, the value of this Fabric Index
           was defined to always be 1."
    ::= { t11FLockEntry 1 }

t11FLockApplicationID OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The Application_ID value that identifies the type of
           application for which the Fabric is locked.

           A lock established via Acquire Change Authorization (ACA)
           does not, strictly speaking, have an Application_ID value.
           However, the value 'FF'h (255 decimal) has been reserved
           by T11 to be used as the value of this MIB object as and
           when a lock is established by an ACA.  This value was
           initially documented in a letter from the FC-SW-5 Editor
           to T11.5, which was approved by the T11 and T11.5 plenary
           meetings on October 5, 2006."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, Table 116.

           'FC-SW-5 Letter to T11.5' ANSI INCITS T11/06-679v0,
           http://www.t11.org/ftp/t11/pub/fc/sw-5/06-679v0.pdf,
           21 September 2006."
    ::= { t11FLockEntry 2 }

t11FLockInitiatorType OBJECT-TYPE
    SYNTAX        INTEGER {
                      other(1),
                      ssb(2),
                      cli(3),
                      snmp(4)
                  }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "This object specifies what type of initiator generated
           the request that caused this lock to be established:

               other     - none of the following.



DeSanti, et al.             Standards Track                    [Page 18]


RFC 4936                   FC Zone Server MIB                August 2007


               ssb       - this lock was established due to the
                           receipt of an SSB, e.g., from a GS-5
                           client.
               cli       - this lock was established in order
                           to process a Command Line Interface
                           (CLI) command.
               snmp      - this lock was established as a result
                           of an SNMP SetRequest.
           "
    ::= { t11FLockEntry 3 }

t11FLockInitiator OBJECT-TYPE
    SYNTAX          OCTET STRING (SIZE(0..64))
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
           "This object specifies the initiator whose request
           caused this lock to be established.

           If the value of the corresponding instance
           of t11FLockInitiatorType is 'ssb', this
           object will contain the FC_ID of the client
           that issued the Server Session Begin (SSB)
           that required the lock to be established.

           If the value of the corresponding instance
           of t11FLockInitiatorType object is 'cli', this
           object will contain the user name of the CLI
           (Command Line Interface) user on whose behalf
           the lock was established.

           If the value of the corresponding instance of
           t11FLockInitiatorType is 'snmp', this object
           will contain the SNMP securityName used by the
           SNMPv3 message containing the SetRequest that
           created this row.  (If the row was created via
           SNMPv1 or SNMPv2c, then the appropriate value of
           the snmpCommunitySecurityName is used.)"
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 4.9.5.2.

           SNMP securityName is defined in RFC 3411, 'An
           Architecture for Describing Simple Network
           Management Protocol (SNMP) Management Frameworks'.

           snmpCommunitySecurityName is defined in RFC 3584,
           'Coexistence between Version 1, Version 2, and



DeSanti, et al.             Standards Track                    [Page 19]


RFC 4936                   FC Zone Server MIB                August 2007


           Version 3 of the Internet-standard Network
           Management Framework.'"
    ::= { t11FLockEntry 4 }

t11FLockInitiatorIpAddrType OBJECT-TYPE
    SYNTAX          InetAddressType
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
           "This object specifies the type of IP address contained
           in the corresponding instance of t11FLockInitiatorIpAddr.
           If the IP address of the location of the initiator is
           unknown or not applicable, this object has the value:
           'unknown'."
    ::= { t11FLockEntry 5 }

t11FLockInitiatorIpAddr OBJECT-TYPE
    SYNTAX          InetAddress
    MAX-ACCESS      read-only
    STATUS          current
    DESCRIPTION
           "This object specifies the IP address of the location
           of the initiator that established this lock via a
           request of the type given by the corresponding instance
           of t11FLockInitiatorType.  In cases where the
           corresponding instance of t11FLockInitiatorIpAddrType has
           the value: 'unknown', the value of this object is the
           zero-length string."
    ::= { t11FLockEntry 6 }

t11FLockStatus OBJECT-TYPE
    SYNTAX        INTEGER {
                      active(1),
                      settingUp(2),
                      rejectFailure(3),
                      otherFailure(4)
                  }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "This object gives the current status of the lock:

              'active'        -- the lock is currently established.
              'settingUp'     -- the 'managing' switch is currently
                                 attempting to set up the lock, e.g.,
                                 it is waiting to receive Accepts
                                 for ACAs from every switch in the
                                 Fabric.



DeSanti, et al.             Standards Track                    [Page 20]


RFC 4936                   FC Zone Server MIB                August 2007


              'rejectFailure' -- the 'managing' switch's attempt to
                                 set up the lock was rejected with
                                 the reason codes given by:
                                    t11FLockRejectReasonCode,
                                    t11FLockRejectReasonCodeExp and
                                    t11FLockRejectReasonVendorCode.
              'otherFailure'  -- the 'managing' switch's attempt
                                 to set up the lock failed (but no
                                 reason codes are available).

           For values of t11FLockInitiatorType other than 'snmp',
           a row is only required to be instantiated in this table
           when the value of this object is 'active'.

           If the value of the corresponding instance of
           t11FLockInitiatorType is 'snmp', the initial value of this
           object when the row is first created is 'settingUp'.  As
           and when the setup succeeds, the value transitions to
           'active'.  If the setup fails, the value transitions to
           either 'rejectFailure' or 'otherFailure'.  Note that such a
           failure value is overwritten on the next attempt to obtain
           the lock, which could be immediately after the failure,
           e.g., by a GS-5 client.

           When the value of this object is 'rejectFailure', the
           rejection's reason codes are given by the corresponding
           values of t11FLockRejectReasonCode,
           t11FLockRejectReasonCodeExp and
           t11FLockRejectReasonVendorCode."
    ::= { t11FLockEntry 7 }

t11FLockRejectReasonCode OBJECT-TYPE
    SYNTAX        T11NsGs4RejectReasonCode
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "When the value of the corresponding instance of
           t11FLockStatus is 'rejectFailure', this object contains
           the rejection's reason code."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 4.4.4 and table 10."
    ::= { t11FLockEntry 8 }

t11FLockRejectReasonCodeExp OBJECT-TYPE
    SYNTAX        OCTET STRING (SIZE(0 | 1))
    MAX-ACCESS    read-only
    STATUS        current



DeSanti, et al.             Standards Track                    [Page 21]


RFC 4936                   FC Zone Server MIB                August 2007


    DESCRIPTION
           "When the value of the corresponding instance of
           t11FLockStatus is 'rejectFailure', this object contains
           the rejection's reason code explanation."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, sections 4.4.4 and 6.4.9,
           tables 10 and 252."
    ::= { t11FLockEntry 9 }

t11FLockRejectReasonVendorCode OBJECT-TYPE
    SYNTAX        OCTET STRING (SIZE(0 | 1))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "When the value of the corresponding instance of
           t11FLockStatus is 'rejectFailure', this object contains
           the rejection's vendor-specific code."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 4.4.4."
    ::= { t11FLockEntry 10 }

t11FLockRowStatus OBJECT-TYPE
    SYNTAX        RowStatus
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
           "The status of this conceptual row.

           A row in this table can be modified or deleted via
           this object only when the row's value of
           t11FLockInitiatorType is 'snmp'."
    ::= { t11FLockEntry 11 }

-- Conformance

t11FLockMIBCompliances
                     OBJECT IDENTIFIER ::= { t11FLockMIBConformance 1 }
t11FLockMIBGroups    OBJECT IDENTIFIER ::= { t11FLockMIBConformance 2 }

t11FLockMIBCompliance MODULE-COMPLIANCE
    STATUS       current
    DESCRIPTION
           "The compliance statement for entities that support
           Fabric locks in support of GS-5 Server applications."
    MODULE MANDATORY-GROUPS { t11FLockActiveGroup }




DeSanti, et al.             Standards Track                    [Page 22]


RFC 4936                   FC Zone Server MIB                August 2007


    OBJECT       t11FLockRowStatus
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    ::= { t11FLockMIBCompliances 1 }

-- Units of Conformance

t11FLockActiveGroup OBJECT-GROUP
    OBJECTS  { t11FLockInitiatorType,
               t11FLockInitiator,
               t11FLockInitiatorIpAddrType,
               t11FLockInitiatorIpAddr,
               t11FLockStatus,
               t11FLockRejectReasonCode,
               t11FLockRejectReasonCodeExp,
               t11FLockRejectReasonVendorCode,
               t11FLockRowStatus
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects containing information
           about current Fabric locks."
    ::= { t11FLockMIBGroups 1 }

END
























DeSanti, et al.             Standards Track                    [Page 23]


RFC 4936                   FC Zone Server MIB                August 2007


7.  The T11-FC-ZONE-SERVER-MIB Module

T11-FC-ZONE-SERVER-MIB  DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    NOTIFICATION-TYPE, mib-2,
    Counter32, Unsigned32
                        FROM SNMPv2-SMI                  -- [RFC2578]
    MODULE-COMPLIANCE, OBJECT-GROUP,
    NOTIFICATION-GROUP
                        FROM SNMPv2-CONF                 -- [RFC2580]
    TEXTUAL-CONVENTION, RowStatus,
    StorageType,
    TruthValue, TimeStamp
                        FROM SNMPv2-TC                   -- [RFC2579]
    SnmpAdminString
                        FROM SNMP-FRAMEWORK-MIB          -- [RFC3411]
    ifIndex             FROM IF-MIB                      -- [RFC2863]
    fcmInstanceIndex, fcmSwitchIndex,
    FcNameIdOrZero,
    FcDomainIdOrZero    FROM FC-MGMT-MIB                 -- [RFC4044]
    T11NsGs4RejectReasonCode
                        FROM T11-FC-NAME-SERVER-MIB      -- [RFC4438]
    T11FabricIndex      FROM T11-TC-MIB                  -- [RFC4439]
    t11FamLocalSwitchWwn
                        FROM T11-FC-FABRIC-ADDR-MGR-MIB; -- [RFC4439]

t11ZoneServerMIB  MODULE-IDENTITY
    LAST-UPDATED  "200706270000Z"
    ORGANIZATION  "For the initial versions, T11.
                   For later versions, the IETF's IMSS Working Group."
    CONTACT-INFO
            "     Claudio DeSanti
                  Cisco Systems, Inc.
                  170 West Tasman Drive
                  San Jose, CA 95134 USA
                  EMail: cds@cisco.com

                  Keith McCloghrie
                  Cisco Systems, Inc.
                  170 West Tasman Drive
                  San Jose, CA 95134 USA
                  EMail: kzm@cisco.com"

    DESCRIPTION
           "The MIB module for the management of Fibre Channel Zoning
           Servers, both for Basic Zoning Management and for Enhanced



DeSanti, et al.             Standards Track                    [Page 24]


RFC 4936                   FC Zone Server MIB                August 2007


           Zoning Management, as defined in the FC-GS-5 specification.

           FC-GS-5 defines (in-band) management operations for
           manipulating the Zone Set Database, some for use in Basic
           mode (e.g., 'Add Zone Set (AZS)', etc.), and some for use in
           Enhanced mode (e.g., Create Zone Set (CZS)', etc.).  When
           Enhanced Zoning Management is in use, FC-GS-5 requires that
           these in-band management operations be rejected unless they
           are issued within the context of a GS-5 server session.  The
           use of a server session ensures serialized access to the
           Zoning Database since the Fabric lock for the Zone Server
           must be obtained as a part of establishing the server
           session to the Zone Server.

           Thus, if and when this MIB is used for Enhanced Zoning
           Management, SNMP SetRequests that request the modification
           of zoning definitions must be serialized with respect to
           the GS-5 requests to modify the Zoning Database.  This is
           achieved by requiring that an SNMP management application
           must first obtain the Fabric lock for the Zone Server
           before attempting to modify any zoning definitions.  The
           companion T11-FC-FABRIC-LOCK-MIB module is defined as a means
           of obtaining the Fabric lock for the Zone Server (or any
           other server).

           In Enhanced Zoning Management, a Zone Server keeps track of
           changes requested in the zoning definitions, but does not
           update its Zone Set Database unless there is (and until
           there is) a 'commit' operation.  To model this behavior,
           this MIB module assumes that a Zone Server (in Enhanced
           mode) takes a snapshot of its Zone Set Database as and when
           the Fabric lock (for the Zone Server application) is
           obtained; this snapshot is used to create what is herein
           called the 'copy' database.  It is this 'copy' database
           that is then updated by SNMP SetRequests (while the Fabric
           is locked).  If and when a 'commit' operation is requested
           (while the Fabric is still locked), the 'copy' database is
           then used to overwrite the previously committed contents of
           the Zone Set Database, and the new Zone Set Database is
           distributed to all other switches in the Fabric.  When the
           lock is released, any changes made that were not
           'committed' are discarded.

           When this MIB is used for Basic Zoning Management, the same
           set of MIB objects as used for Enhanced mode are used to
           make changes to the Database of a Zone Server on a
           particular switch, but the changes take immediate effect at
           that switch without an explicit commit.  The distribution of



DeSanti, et al.             Standards Track                    [Page 25]


RFC 4936                   FC Zone Server MIB                August 2007


           those changes to Zone Servers on other switches in the
           Fabric is subsequently requested through the use of a
           separate set of MIB objects.

           The management information specified in this MIB module
           includes the Zoning Database for each of one or more Fibre
           Channel Fabrics.  A Zoning Database is a combination of the
           Fabric's Zone Set Database and its Active Zone Set.  The
           Active Zone Set is the Zone Set currently enforced by the
           Fabric; a Zone Set Database is a database of the Zone Sets
           available to be activated within a Fabric.  All the MIB
           objects representing a Zone Set Database are modifiable at
           any time (irrespective of the value of any RowStatus
           object), whereas all objects representing the Active Zone
           Set are always read-only (except to deactivate it and/or
           activate a different one).

           Copyright (C) The IETF Trust (2007).  This version
           of this MIB module is part of RFC 4936;  see the RFC
           itself for full legal notices."
    REVISION  "200706270000Z"
    DESCRIPTION
           "Initial version of this MIB module, published as RFC 4936."
    ::= { mib-2 160 }

t11ZsMIBObjects        OBJECT IDENTIFIER ::= { t11ZoneServerMIB 1 }
t11ZsMIBConformance    OBJECT IDENTIFIER ::= { t11ZoneServerMIB 2 }
t11ZsMIBNotifications  OBJECT IDENTIFIER ::= { t11ZoneServerMIB 0 }
t11ZsConfiguration     OBJECT IDENTIFIER ::= { t11ZsMIBObjects 1 }
t11ZsStatistics        OBJECT IDENTIFIER ::= { t11ZsMIBObjects 2 }

-- Textual Conventions

T11ZsZoneMemberType ::= TEXTUAL-CONVENTION
    DISPLAY-HINT  "x"
    STATUS        current
    DESCRIPTION
           "Represents the addressing mechanism by
           which a member is identified:

                01 - N_Port_Name
                02 - Domain_ID and physical port
                03 - N_Port_ID
                04 - Node_Name
                05 - Alias Name
                06 - F_Port_Name
                E0-FF (hex) - Vendor Specific.
           "



DeSanti, et al.             Standards Track                    [Page 26]


RFC 4936                   FC Zone Server MIB                August 2007


    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.8.3.6."
    SYNTAX        Unsigned32 (0..255)

T11ZsRejectReasonExplanation ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "The reason code explanation when rejecting a
           Zone Server request:

              'other'
                  - e.g., a reason code assigned too recently
                    to be included in this version of this MIB
              'noAdditionalExplanation'
                  - there is no additional explanation
              'zonesNotSupported'
                  - Zones are not supported
              'zoneSetNameUnknown'
                  - Zone Set name is not known
              'noZoneSetActive'
                  - no Zone Set is currently active
              'zoneNameUnknown'
                  - Zone name is unknown
              'zoneStateUnknown'
                  - state of the Zone is not known
              'incorrectPayloadLen'
                  - payload length is not correct
              'tooLargeZoneSet'
                  - Zone Set is larger than permitted size
              'deactivateZoneSetFailed'
                  - deactivation of Zone Set failed
              'reqNotSupported'
                  - request is not supported
              'capabilityNotSupported'
                  - capability is not supported
              'zoneMemberIDTypeNotSupp'
                  - Zone Member Identifier Type is not supported
              'invalidZoneSetDefinition'
                  - Zone Set definition is invalid
              'enhancedZoningCmdsNotSupported'
                  - Enhanced Zoning commands are not supported
              'zoneSetExists'
                  - Zone Set already exists
              'zoneExists'
                  - Zone already exists
              'aliasExists'
                  - Zone Alias already exists



DeSanti, et al.             Standards Track                    [Page 27]


RFC 4936                   FC Zone Server MIB                August 2007


              'zoneSetUnknown'
                  - Zone Set unknown
              'zoneUnknown'
                  - Zone unknown
              'aliasUnknown'
                  - Zone Alias unknown
              'zoneAliasTypeUnknown'
                  - unknown Zone attribute type
              'unableEnhancedMode'
                  - Fabric unable to work in Enhanced Mode
              'basicZoningCmdsNotSupported'
                  - Basic Zoning commands are not supported
              'zoneAttribObjectExists'
                  - Zone attribute object already exists
              'zoneAttribObjectUnknown'
                  - Zone attribute object unknown
              'requestInProcess'
                  - request in process
              'cmitInProcess'
                  - CMIT in process
              'hardEnforcementFailed'
                  - hard enforcement failed
              'unresolvedReferences'
                  - unresolved references in the Zone Set Database
              'consistencyChecksFailed'
                  - consistency checks failed."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.9."
    SYNTAX        INTEGER {
                      other(1),
                      noAdditionalExplanation(2),
                      zonesNotSupported(3),
                      zoneSetNameUnknown(4),
                      noZoneSetActive(5),
                      zoneNameUnknown(6),
                      zoneStateUnknown(7),
                      incorrectPayloadLen(8),
                      tooLargeZoneSet(9),
                      deactivateZoneSetFailed(10),
                      reqNotSupported(11),
                      capabilityNotSupported(12),
                      zoneMemberIDTypeNotSupp(13),
                      invalidZoneSetDefinition(14),
                      enhancedZoningCmdsNotSupported(15),
                      zoneSetExists(16),
                      zoneExists(17),
                      aliasExists(18),



DeSanti, et al.             Standards Track                    [Page 28]


RFC 4936                   FC Zone Server MIB                August 2007


                      zoneSetUnknown(19),
                      zoneUnknown(20),
                      aliasUnknown(21),
                      zoneAliasTypeUnknown(22),
                      unableEnhancedMode(23),
                      basicZoningCmdsNotSupported(24),
                      zoneAttribObjectExists(25),
                      zoneAttribObjectUnknown(26),
                      requestInProcess(27),
                      cmitInProcess(28),
                      hardEnforcementFailed(29),
                      unresolvedReferences(30),
                      consistencyChecksFailed(31)
                  }

T11ZoningName ::= TEXTUAL-CONVENTION
    STATUS        current
    DESCRIPTION
           "This datatype is a refinement of an SnmpAdminString,
           and is used to represent a name stored in a Fibre
           Channel Zoning Data Structure.

           The value begins with an ASCII letter (upper or lower
           case) followed by zero or more characters from the set:
           lower case letters, upper case letters, numbers, and
           the symbols ($-^_).

           The value does not include fill bytes."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.8.1."
    SYNTAX       OCTET STRING (SIZE (1..64))

--
-- The table of Zone Servers
--

t11ZsServerTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsServerEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information about the Zone Servers
           on each Fabric in one or more switches, and providing
           the capability to perform operations on their Zone
           Server databases."
    ::= { t11ZsConfiguration 1 }




DeSanti, et al.             Standards Track                    [Page 29]


RFC 4936                   FC Zone Server MIB                August 2007


t11ZsServerEntry OBJECT-TYPE
    SYNTAX       T11ZsServerEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information specific to a
           Zone Server for a particular Fabric (identified by
           the value of t11ZsServerFabricIndex) on a particular
           switch (identified by values of fcmInstanceIndex
           and fcmSwitchIndex).

           The persistence across reboots of writable values in
           a row of this table is given by the instance of
           t11ZsServerDatabaseStorageType in that row."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex }
    ::= { t11ZsServerTable 1 }

T11ZsServerEntry ::= SEQUENCE {
    t11ZsServerFabricIndex           T11FabricIndex,
    t11ZsServerCapabilityObject      BITS,
    t11ZsServerDatabaseStorageType   StorageType,
    t11ZsServerDistribute            INTEGER,
    t11ZsServerCommit                INTEGER,
    t11ZsServerResult                INTEGER,
    t11ZsServerReasonCode            T11NsGs4RejectReasonCode,
    t11ZsServerReasonCodeExp         OCTET STRING,
    t11ZsServerReasonVendorCode      OCTET STRING,
    t11ZsServerLastChange            TimeStamp,
    t11ZsServerHardZoning            TruthValue,
    t11ZsServerReadFromDatabase      INTEGER,
    t11ZsServerOperationMode         INTEGER,
    t11ZsServerChangeModeResult      INTEGER,
    t11ZsServerDefaultZoneSetting    INTEGER,
    t11ZsServerMergeControlSetting   INTEGER,
    t11ZsServerDefZoneBroadcast      TruthValue
}

t11ZsServerFabricIndex OBJECT-TYPE
    SYNTAX       T11FabricIndex
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A unique index value that uniquely identifies a
           particular Fabric."
    ::= { t11ZsServerEntry 1 }

t11ZsServerCapabilityObject OBJECT-TYPE



DeSanti, et al.             Standards Track                    [Page 30]


RFC 4936                   FC Zone Server MIB                August 2007


    SYNTAX        BITS {
                      enhancedMode(0),
                      zoneSetDb(1),
                      activateDirect(2),
                      hardZoning(3)
                  }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "This bitmap represents the capability of the switch
           on this Fabric:

               'enhancedMode' - able to support enhanced Zoning
                                mode of operation.

               'zoneSetDb'    - able to support maintaining of
                                a Zone Set Database.

               'activateDirect' - able to support the Activate
                                  Direct command.

               'hardZoning'   - able to support Hard Zoning."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, section 6.1.23.4.4"
    ::= { t11ZsServerEntry 2 }

t11ZsServerDatabaseStorageType OBJECT-TYPE
    SYNTAX       StorageType
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies the memory realization, on a
           particular switch, of the Zone Set database for a
           particular Fabric.  Specifically, each row in the
           following tables:

                      t11ZsSetTable
                      t11ZsZoneTable
                      t11ZsSetZoneTable
                      t11ZsAliasTable
                      t11ZsZoneMemberTable
                      t11ZsAttribBlockTable
                      t11ZsAttribTable

           has a StorageType as specified by the instance of
           this object that is INDEXed by the same values of
           fcmInstanceIndex, fcmSwitchIndex, and



DeSanti, et al.             Standards Track                    [Page 31]


RFC 4936                   FC Zone Server MIB                August 2007


           t11ZsServerFabricIndex.

           The value of this object is also used to indicate
           the persistence across reboots of writable values in
           its row of the t11ZsServerTable, as well as the
           corresponding row in the t11ZsNotifyControlTable.

           If an instance of this object has the value
           'permanent(4)', the Zone Set database for the given
           Fabric on the given switch is not required to be
           writeable."
    DEFVAL { nonVolatile }
    ::= { t11ZsServerEntry 3 }

t11ZsServerDistribute OBJECT-TYPE
    SYNTAX       INTEGER {
                     noop(1),
                     zoneSetDb(2)
                 }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object can be set only in Basic mode.  When set
           to the value 'zoneSetDb', it requests that the Zone Set
           database of a particular switch for a particular Fabric
           be distributed to every other switch in that Fabric,
           e.g., by using Stage Fabric Configuration Update (SFC)
           and Update Fabric Configuration (UFC) requests.

           Setting this object to 'noop' has no effect.
           When read, the value of this object is always 'noop'.

           When the corresponding instance of t11ZsServerOperationMode
           has the value 'enhanced', or when the corresponding instance
           of t11ZsZoneSetResult has the value 'inProgress', it
           is inconsistent to try to set the value of this object."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, section 6.1.19.1."
    ::= { t11ZsServerEntry 4 }

t11ZsServerCommit OBJECT-TYPE
    SYNTAX        INTEGER {
                      commitZoneChanges(1),
                      noop(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current



DeSanti, et al.             Standards Track                    [Page 32]


RFC 4936                   FC Zone Server MIB                August 2007


    DESCRIPTION
            "This object is only used in Enhanced mode.

            In Enhanced mode, it can only be modified when the Fabric
            lock for the Zone Server on the particular Fabric has been
            obtained for use by SNMP SetRequests, and even then, only
            by the SNMP entity identified by the value of corresponding
            instance of t11FLockInitiator.

            Setting the object requests an action:

              commitZoneChanges - requests that the changes made
                                  within this session to the Zone
                                  Set Database be committed.
              noop              - requests nothing.

            When read, the value is always 'noop'."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.10.2."
    ::= { t11ZsServerEntry 5 }

t11ZsServerResult OBJECT-TYPE
    SYNTAX       INTEGER {
                     none(1),
                     inProgress(2),
                     success(3),
                     rejectFailure(4),
                     otherFailure(5)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "In Basic mode, this object indicates the status/result
           of the last distribution of the Zone Set database that
           was invoked via the corresponding instance of
           t11ZsZoneSetDistribute, e.g., the status/result of
           Stage Fabric Configuration Update (SFC) request(s) used
           to implement the setting of t11ZsZoneSetDistribute.

           In Enhanced mode, this object indicates the status/result
           of the last commit of changes to the Zone Set database
           that was invoked via the corresponding instance of
           t11ZsServerCommit.

             'none'          - no distribution/commit invoked
                               via the corresponding instance of
                               t11ZsZoneSetDistribute (Basic mode)



DeSanti, et al.             Standards Track                    [Page 33]


RFC 4936                   FC Zone Server MIB                August 2007


                               or t11ZsServerCommit (Enhanced mode).
             'inProgress'    - distribution/commit is still in
                               progress.
             'success'       - distribution/commit completed
                               successfully.
             'rejectFailure' - distribution/commit failed due to
                               an SW_RJT.
             'otherFailure'  - distribution/commit failed for some
                               other reason.

           When the value is 'rejectFailure', the corresponding
           instances of t11ZsServerReasonCode,
           t11ZsServerReasonCodeExp and t11ZsServerReasonVendorCode
           contain the reason codes. "
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.10.2.3."
    ::= { t11ZsServerEntry 6 }

t11ZsServerReasonCode OBJECT-TYPE
    SYNTAX       T11NsGs4RejectReasonCode
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the corresponding instance of t11ZsZoneSetResult
           has the value 'rejectFailure', this object contains
           the rejection's reason code.

           When the corresponding instance of t11ZsServerResult
           has a value other than 'rejectFailure', this object
           should contain the value 'none'."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, section 6.1.3 and
           tables 4, 5, and 6."
    ::= { t11ZsServerEntry 7 }

t11ZsServerReasonCodeExp OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (0 | 1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the corresponding instance of t11ZsZoneSetResult
           has the value 'rejectFailure', this object contains
           the rejection's reason code explanation.

           When the corresponding instance of t11ZsServerResult
           has a value other than 'rejectFailure', this object



DeSanti, et al.             Standards Track                    [Page 34]


RFC 4936                   FC Zone Server MIB                August 2007


           should contain the zero-length string."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, section 6.1.3 and
           tables 4, 5, and 6."
    ::= { t11ZsServerEntry 8 }

t11ZsServerReasonVendorCode OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (0 | 1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the corresponding instance of t11ZsZoneSetResult
           has the value 'rejectFailure', this object contains
           the rejection's reason vendor-specific code.

           When the corresponding instance of t11ZsServerResult
           has a value other than 'rejectFailure', this object
           should contain the zero-length string."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, section 6.1.3 and
           tables 4, 5, and 6."
    ::= { t11ZsServerEntry 9 }

t11ZsServerLastChange OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The value of sysUpTime at the time of the last change
           (creation, modification, or deletion) to the Zone Set
           database for the Zone Server for a particular Fabric.
           If said Zone Set database has not changed since the
           last re-initialization of the local network management
           system, then this object will contain a zero value."
    ::= { t11ZsServerEntry 10 }

t11ZsServerHardZoning OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates whether this switch, if and when it
           is in Basic mode, enforces Hard Zoning on this Fabric."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.10.3.2."



DeSanti, et al.             Standards Track                    [Page 35]


RFC 4936                   FC Zone Server MIB                August 2007


    ::= { t11ZsServerEntry 11 }

t11ZsServerReadFromDatabase OBJECT-TYPE
    SYNTAX        INTEGER {
                      committedDB(1),
                      copyDB(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
           "In Enhanced mode, this object specifies whether
           subsequent SNMP Responses (generated by the local SNMP
           agent) to operations that read the configuration of
           Zone Sets, Zones, Members, Aliases and Attributes will
           reflect the values stored in the current (committed)
           Zone Set database, or those stored in the 'copy'
           database.

           In Basic mode, the value of this object is always
           'committedDB' (since there is no 'copy' database in
           Basic mode).  In SNMP agents that don't support
           write access to the Zone Set database, this object
           is always 'committedDB' (since the copy database,
           if it were to exist, would be identical)."
    DEFVAL { committedDB }
    ::= { t11ZsServerEntry 12 }

t11ZsServerOperationMode OBJECT-TYPE
    SYNTAX        INTEGER {
                      basic(1),
                      enhanced(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
           "The operational mode of the Zone Server.

           Setting this object to 'enhanced' is a request that the mode
           of operation of the Zone Server be Enhanced mode, which is
           only possible if all devices in the Fibre Channel Fabric are
           capable of working in Enhanced mode.  If not, the request
           will fail and the corresponding value of
           t11ZsServerChangeModeResult will so indicate.

           Setting this object to 'basic' is a request that the mode
           of operation of the Zone Server be Basic mode.  However,
           such a set may fail while operating in Enhanced mode,
           since FC-GS-5 makes no provision for changing (back)



DeSanti, et al.             Standards Track                    [Page 36]


RFC 4936                   FC Zone Server MIB                August 2007


           to Basic mode.

           Note that setting this object does not cause or require
           that the Fabric lock for the Zone Server be obtained.
           However, when this object has the value 'enhanced', any SNMP
           SetRequests that attempt to modify the copy database cannot
           be successful if the Fabric lock has not been obtained
           or has since been released."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, sections 6.4.10.1.1 and 6.4.10.1.2."
    DEFVAL { basic }
    ::= { t11ZsServerEntry 13 }

t11ZsServerChangeModeResult OBJECT-TYPE
    SYNTAX        INTEGER {
                      success(1),
                      failure(2),
                      inProgress(3),
                      none(4)
                  }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "When this object has the value of 'success' or
           'failure', the value indicates the outcome of the most
           recent request, invoked via t11ZsServerOperationMode,
           to change the mode of operation of the Zone Server.
           When such a request is in progress, this object has the
           value 'inProgress'.  Prior to the first such request,
           the value of this object is 'none'."
    ::= { t11ZsServerEntry 14 }

t11ZsServerDefaultZoneSetting OBJECT-TYPE
    SYNTAX       INTEGER {
                     permit(1),
                     deny(2)
                 }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object controls the Enhanced Zoning flag that
           governs the behavior of the Default Zone on this Fabric.

           If this object is set to 'permit', then the members of
           the Default Zone on this Fabric can communicate with
           each other.




DeSanti, et al.             Standards Track                    [Page 37]


RFC 4936                   FC Zone Server MIB                August 2007


           If this object is set to 'deny', then the members of the
           Default Zone on this Fabric cannot communicate with each
           other."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.10.1.1."
    DEFVAL  { deny }
    ::= { t11ZsServerEntry 15 }

t11ZsServerMergeControlSetting OBJECT-TYPE
    SYNTAX        INTEGER {
                      allow(1),
                      restrict(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
           "This object controls the Enhanced Zoning flag that
           indicates the Merge Control Setting for this Fabric:

               'allow'    - a switch may join the Fabric only if
                            its Zoning Database is able to merge
                            with the Fabric's Zoning Database.
               'restrict' - a switch may join the Fabric only if
                            its Zoning Database is equal to the
                            Fabric's Zoning Database."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.10.1.1."
    DEFVAL { allow }
    ::= { t11ZsServerEntry 16 }

t11ZsServerDefZoneBroadcast OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object controls an Enhanced Zoning capability:
           it indicates whether Broadcast Zoning is enabled on
           the Default Zone on this Fabric.  If this object is
           set to 'true', then it is enabled.  If this object is
           set to 'false', then it is disabled.

           If broadcast Zoning is enabled on a Default Zone,
           then broadcast frames generated by a member in that
           Default Zone will be restricted to members in that
           Default Zone."
    REFERENCE



DeSanti, et al.             Standards Track                    [Page 38]


RFC 4936                   FC Zone Server MIB                August 2007


           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.7.2.2."
    ::= { t11ZsServerEntry 17 }

--
-- The table of Zone Sets
--

t11ZsSetTable  OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsSetEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information on every Zone
           Set in the Zone Set database of the Zone Servers
           on each Fabric in one or more switches.

           In Enhanced mode, changes to a database made via this
           table are always made to the 'copy' database, but
           values read from this table reflect the contents of
           either the 'copy' database or the current (committed)
           database as indicated by the corresponding value of
           t11ZsServerReadFromDatabase."
    ::= { t11ZsConfiguration 2 }

t11ZsSetEntry  OBJECT-TYPE
    SYNTAX       T11ZsSetEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about a Zone Set
           in the Zone Set database of a particular Fabric
           (identified by the value of t11ZsServerFabricIndex)
           on a particular switch (identified by values of
           fcmInstanceIndex and fcmSwitchIndex).

           A Zone Set can be created in an existing Zone Set
           database, and can contain zero or more existing
           Zones.  As and when new Zones are created
           (as rows in the t11ZsZoneTable), they can be added
           to a Zone Set by creating an entry for each in the
           t11ZsSetZoneTable.  Deleting a row from this table
           deletes the Zone Set from the Zone Set database
           maintained by the Zone Server, but does not otherwise
           affect the Zone Server.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is



DeSanti, et al.             Standards Track                    [Page 39]


RFC 4936                   FC Zone Server MIB                August 2007


           INDEXed by the same values of fcmInstanceIndex,
           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex, t11ZsSetIndex }
    ::= { t11ZsSetTable 1 }

T11ZsSetEntry ::= SEQUENCE {
    t11ZsSetIndex          Unsigned32,
    t11ZsSetName           T11ZoningName,
    t11ZsSetRowStatus      RowStatus
}

t11ZsSetIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "The index of a Zone Set.  This object uniquely
           identifies a Zone Set in the Zone Set database
           for a particular Fabric on a particular switch."
    ::= { t11ZsSetEntry 1 }

t11ZsSetName OBJECT-TYPE
    SYNTAX       T11ZoningName
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The name of this Zone Set.  The t11ZsSetName should
           be unique within a Fabric.

           The Zone Set can be renamed at any time (i.e., even
           when the row in an active state) by setting this object
           to a new value."
    ::= { t11ZsSetEntry 2 }

t11ZsSetRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row.

           This object cannot be set to 'active' unless the
           corresponding value of t11ZsSetName is unique within
           the Fabric's Zone Server database on this switch."
    ::= { t11ZsSetEntry 3 }





DeSanti, et al.             Standards Track                    [Page 40]


RFC 4936                   FC Zone Server MIB                August 2007


--
-- The table of Zones
--

t11ZsZoneTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsZoneEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table gives information on all the Zones in the
           Zone Set database of the Zone Servers on each Fabric
           in one or more switches.

           In Enhanced mode, changes to a database made via this
           table are always made to the 'copy' database, but
           values read from this table reflect the contents of
           either the 'copy' database or the current (committed)
           database as indicated by the corresponding value of
           t11ZsServerReadFromDatabase."
    ::= { t11ZsConfiguration 3 }

t11ZsZoneEntry OBJECT-TYPE
    SYNTAX       T11ZsZoneEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about a Zone
           in the Zone Set database of a particular Fabric
           (identified by the value of t11ZsServerFabricIndex)
           on a particular switch (identified by values of
           fcmInstanceIndex and fcmSwitchIndex).

           A Zone can be created in an existing Zone Set
           database, by first creating an entry in this table,
           and then adding members to it by creating entries in the
           t11ZsZoneMemberTable.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is
           INDEXed by the same values of fcmInstanceIndex,
           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex, t11ZsZoneIndex }
    ::= { t11ZsZoneTable 1 }

T11ZsZoneEntry ::= SEQUENCE {
    t11ZsZoneIndex             Unsigned32,
    t11ZsZoneName              T11ZoningName,



DeSanti, et al.             Standards Track                    [Page 41]


RFC 4936                   FC Zone Server MIB                August 2007


    t11ZsZoneAttribBlock       Unsigned32,
    t11ZsZoneRowStatus         RowStatus
}

t11ZsZoneIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this
           Zone within a particular Fabric's Zone Set database
           on a particular switch."
    ::= { t11ZsZoneEntry 1 }

t11ZsZoneName OBJECT-TYPE
    SYNTAX       T11ZoningName
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The name of this Zone.  The t11ZsZoneName should be
           unique within a Fabric.

           The Zone can be renamed by setting this object
           to a new value."
    ::= { t11ZsZoneEntry 2 }

t11ZsZoneAttribBlock OBJECT-TYPE
    SYNTAX       Unsigned32 (0..4294967295)
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "This object specifies the index value of the
           Zone Attribute Block that contains the Attributes
           of this Zone.

           In Enhanced mode, a value of zero indicates this
           Zone has no Zone Attributes.  In Basic mode, this
           object always has the value of zero."
    ::= { t11ZsZoneEntry 3 }

t11ZsZoneRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row.

           This object cannot be set to 'active' unless the



DeSanti, et al.             Standards Track                    [Page 42]


RFC 4936                   FC Zone Server MIB                August 2007


           corresponding value of t11ZsZoneName is unique within
           the Fabric's Zone Server database on this switch."
    ::= { t11ZsZoneEntry 4 }

--
-- The table specifying the Zones that belong to each Zone Set
--

t11ZsSetZoneTable  OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsSetZoneEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table specifies which Zones belong to which Zone
           Sets in the Zone Set database of the Zone Servers
           on each Fabric in one or more switches."
    ::= { t11ZsConfiguration 4 }

t11ZsSetZoneEntry  OBJECT-TYPE
    SYNTAX       T11ZsSetZoneEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry specifies that a particular Zone (identified
           by the value of t11ZsZoneIndex) is one of the Zones
           that form a particular Zone Set (identified by the
           value of t11ZsSetIndex) in the Zone Set database of a
           particular Fabric (identified by the value of
           t11ZsServerFabricIndex) on a particular switch
           (identified by values of fcmInstanceIndex and
           fcmSwitchIndex).

           When a row in this table exists, it references one row in
           the t11ZsSetTable and one row in the t11ZsZoneTable.  The
           agent must ensure that both such rows when referenced by an
           active row in this table, do exist and have a status of
           'active', either by refusing to create new rows in this
           table, or by automatically deleting rows in this table.

           An 'active' row in this table references one row in the
           t11ZsSetTable and one in the t11ZsZoneTable.  The agent must
           ensure that all such referenced rows exist with a status of
           'active', either by refusing to create new active rows in
           this table, or by automatically deleting any rows in this
           table that reference a deleted row.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is



DeSanti, et al.             Standards Track                    [Page 43]


RFC 4936                   FC Zone Server MIB                August 2007


           INDEXed by the same values of fcmInstanceIndex,
           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex,
              t11ZsSetIndex, t11ZsZoneIndex }
    ::= { t11ZsSetZoneTable 1 }

T11ZsSetZoneEntry ::= SEQUENCE {
    t11ZsSetZoneRowStatus      RowStatus
}

t11ZsSetZoneRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row."
    ::= { t11ZsSetZoneEntry 1 }

--
-- The table of Zone Aliases
--

t11ZsAliasTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsAliasEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table contains information about the Zone Aliases
           in the Zone Set database of the Zone Servers on each
           Fabric in one or more switches.

           In Enhanced mode, changes to a database made via this
           table are always made to the 'copy' database, but
           values read from this table reflect the contents of
           either the 'copy' database or the current (committed)
           database as indicated by the corresponding value of
           t11ZsServerReadFromDatabase."
    ::= { t11ZsConfiguration 5 }

t11ZsAliasEntry OBJECT-TYPE
    SYNTAX       T11ZsAliasEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about a Zone Alias in
           the Zone Set database of a particular Fabric
           (identified by the value of t11ZsServerFabricIndex) on



DeSanti, et al.             Standards Track                    [Page 44]


RFC 4936                   FC Zone Server MIB                August 2007


           a particular switch (identified by values of
           fcmInstanceIndex and fcmSwitchIndex).

           A Zone Member is added to a Zone Alias by creating
           an entry in the t11ZsZoneMemberTable pointing to a
           row of this table via t11ZsAliasIndex, i.e.,:

            - t11ZsZoneMemberParentType = 'alias',
            - t11ZsZoneMemberParentIndex = Alias's t11ZsAliasIndex,
            - t11ZsZoneMemberFormat != '05 - Alias Name', and
            - t11ZsZoneMemberID = Member's identifier.

           A Zone Alias is added to a Zone by creating
           an entry in the t11ZsZoneMemberTable pointing to a
           row of this table via t11ZsAliasName, i.e.,:

            - t11ZsZoneMemberParentType = 'zone',  and
            - t11ZsZoneMemberParentIndex = Zone's t11ZsZoneIndex,
            - t11ZsZoneMemberFormat = '05 - Alias Name',
            - t11ZsZoneMemberID = Alias's t11ZsAliasName.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is
           INDEXed by the same values of fcmInstanceIndex,
           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex, t11ZsAliasIndex }
    ::= { t11ZsAliasTable 1 }

T11ZsAliasEntry ::= SEQUENCE {
    t11ZsAliasIndex            Unsigned32,
    t11ZsAliasName             T11ZoningName,
    t11ZsAliasRowStatus        RowStatus
}

t11ZsAliasIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value which uniquely identifies this Zone
           Alias within the Zone Set database of a particular
           Fabric on a particular switch."
    ::= { t11ZsAliasEntry 1 }

t11ZsAliasName OBJECT-TYPE
    SYNTAX       T11ZoningName
    MAX-ACCESS   read-create



DeSanti, et al.             Standards Track                    [Page 45]


RFC 4936                   FC Zone Server MIB                August 2007


    STATUS       current
    DESCRIPTION
           "The name of this Zone Alias.  The name of the Zone
           Alias should be unique within a Fabric.

           The Zone Alias can be renamed by setting this object
           to a new value if and when it is not in a Zone, i.e.,
           if and only if the current name is not the value of
           any t11ZsZoneMemberID in the same Zone Set database."
    ::= { t11ZsAliasEntry 2 }

t11ZsAliasRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row.

           This object cannot be set to 'active' unless the
           corresponding value of t11ZsAliasName is unique within
           the Fabric's Zone Server database on this switch."
    ::= { t11ZsAliasEntry 3 }

--
-- The table of Zone Members
--

t11ZsZoneMemberTable  OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsZoneMemberEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table contains all members of a Zone/Zone Alias
           and information about those members in the Zone Set
           database of the Zone Servers on each Fabric in one or
           more switches.

           In Enhanced mode, changes to a database made via this
           table are always made to the 'copy' database, but
           values read from this table reflect the contents of
           either the 'copy' database or the current (committed)
           database as indicated by the corresponding value of
           t11ZsServerReadFromDatabase."
    ::= { t11ZsConfiguration 6 }

t11ZsZoneMemberEntry OBJECT-TYPE
    SYNTAX       T11ZsZoneMemberEntry
    MAX-ACCESS   not-accessible



DeSanti, et al.             Standards Track                    [Page 46]


RFC 4936                   FC Zone Server MIB                August 2007


    STATUS       current
    DESCRIPTION
           "Each entry represents the relationship between a
           member and (one of) its 'parent(s)', i.e., a Zone
           or Zone Alias to which the member belongs, within
           a particular Fabric (identified by the value of
           t11ZsServerFabricIndex) on a particular switch
           (identified by values of fcmInstanceIndex and
           fcmSwitchIndex).

           A Zone member (other than an alias) is added to a
           Zone by creating an entry in this table having:

            - t11ZsZoneMemberParentType = 'zone',  and
            - t11ZsZoneMemberParentIndex = Zone's t11ZsZoneIndex,
            - t11ZsZoneMemberFormat != '05 - Alias Name',
            - t11ZsZoneMemberID = Member's identifier.

           An 'active' row in this table references rows in other
           tables.  The agent must ensure that all such referenced
           rows exist with a status of 'active', either by refusing to
           create new active rows in this table, or by automatically
           deleting any rows in this table that reference a deleted
           row.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is
           INDEXed by the same values of fcmInstanceIndex,
           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex, t11ZsZoneMemberParentType,
              t11ZsZoneMemberParentIndex, t11ZsZoneMemberIndex }
    ::= { t11ZsZoneMemberTable 1 }

T11ZsZoneMemberEntry ::= SEQUENCE {
    t11ZsZoneMemberParentType        INTEGER,
    t11ZsZoneMemberParentIndex       Unsigned32,
    t11ZsZoneMemberIndex             Unsigned32,
    t11ZsZoneMemberFormat            T11ZsZoneMemberType,
    t11ZsZoneMemberID                OCTET STRING,
    t11ZsZoneMemberRowStatus         RowStatus
}

t11ZsZoneMemberParentType  OBJECT-TYPE
    SYNTAX       INTEGER {
                     zone(1), -- member belongs to a Zone
                     alias(2) -- member belongs to a Zone Alias
                 }



DeSanti, et al.             Standards Track                    [Page 47]


RFC 4936                   FC Zone Server MIB                August 2007


    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object determines whether this member belongs
           to a Zone or Zone Alias."
    ::= { t11ZsZoneMemberEntry 1 }

t11ZsZoneMemberParentIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This object contains the index value of the Zone or
           Zone Alias to which this member belongs.

           If the value of the corresponding instance of
           t11ZsZoneMemberParentType is 'zone', then this object
           will contain the value of the t11ZsZoneIndex object of
           the Zone to which this member belongs.

           If the value of the corresponding instance of
           t11ZsZoneMemberParentType is 'alias', then this object
           will contain the value of the t11ZsAliasIndex object
           of the Zone Alias to which this member belongs."
    ::= { t11ZsZoneMemberEntry 2 }

t11ZsZoneMemberIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this Zone
           Member amongst all Zone Members in the Zone Set
           database of a particular Fabric on a particular switch."
    ::= { t11ZsZoneMemberEntry 3 }

t11ZsZoneMemberFormat OBJECT-TYPE
    SYNTAX       T11ZsZoneMemberType
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "This object identifies the format of the
           Zone/Zone Alias member's identifier contained in
           t11ZsZoneMemberID.

           This object cannot be modified while the corresponding
           value of t11ZsZoneMemberRowStatus object is 'active'."
    ::= { t11ZsZoneMemberEntry 4 }



DeSanti, et al.             Standards Track                    [Page 48]


RFC 4936                   FC Zone Server MIB                August 2007


t11ZsZoneMemberID OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1..255))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "This object contains the Member Identifier of the
           Zone or Alias.  The interpretation of this object
           depends on the value of the corresponding instance
           of t11ZsZoneMemberFormat:

             - if t11ZsZoneMemberFormat is 'N_Port_Name', then
               this object contains an N_Port_Name.

             - if t11ZsZoneMemberFormat is 'Domain_ID and physical
               port', then this object contains a 4-octet value in
               network byte order.  The first octet is zero,
               the second octet contains the Domain_ID, and the
               last 2 octets contain the physical port number.

             - if t11ZsZoneMemberFormat is 'N_Port_ID', then this
               object contains the 3-octet Nx_Port FC_ID.

             - if t11ZsZoneMemberFormat is 'Alias Name', then
               this object contains the value of t11ZsAliasName
               for some Alias in the same Zone Set database.

             - if t11ZsZoneMemberFormat is 'Node_Name', then
               this object contains an 8-octet Node_Name.

             - if t11ZsZoneMemberFormat is 'F_Port_Name', then
               this object contains an 8-octet F_Port_Name.

             - if t11ZsZoneMemberFormat is one of the 'Vendor
               Specific' values, then this object contains a value
               of 1 to 255 octets in a format defined by the relevant
               vendor.

           This object cannot be modified while the corresponding
           value of t11ZsZoneMemberRowStatus object is 'active'."
    ::= { t11ZsZoneMemberEntry 5 }

t11ZsZoneMemberRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row.




DeSanti, et al.             Standards Track                    [Page 49]


RFC 4936                   FC Zone Server MIB                August 2007


           The corresponding instances of t11ZsZoneMemberID and
           t11ZsZoneMemberFormat objects must be set before or
           concurrently with setting this object to 'active'."
    ::= { t11ZsZoneMemberEntry 6 }

--
-- The table of Zone Attribute Blocks
--

t11ZsAttribBlockTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsAttribBlockEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table gives information on all the Zone
           Attributes in the Zone Set database of the Zone
           Servers on each Fabric in one or more switches.

           In Enhanced mode, changes to a database made via this
           table are always made to the 'copy' database, but
           values read from this table reflect the contents of
           either the 'copy' database or the current (committed)
           database as indicated by the corresponding value of
           t11ZsServerReadFromDatabase."
    ::= { t11ZsConfiguration 7 }

t11ZsAttribBlockEntry OBJECT-TYPE
    SYNTAX       T11ZsAttribBlockEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about a Zone Attribute
           Block (of Zone Attributes) in the Zone Set database
           of a particular Fabric (identified by the value of
           t11ZsServerFabricIndex) on a particular switch
           (identified by values of fcmInstanceIndex and
           fcmSwitchIndex).

           An 'active' row in this table references a row in the
           t11ZsAttribBlockTable.  The agent must ensure that the
           referenced rows exists with a status of 'active', either by
           refusing to create new active rows in this table, or by
           automatically deleting any rows in this table that
           reference a deleted row.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is
           INDEXed by the same values of fcmInstanceIndex,



DeSanti, et al.             Standards Track                    [Page 50]


RFC 4936                   FC Zone Server MIB                August 2007


           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex, t11ZsAttribBlockIndex }
    ::= { t11ZsAttribBlockTable 1 }

T11ZsAttribBlockEntry ::= SEQUENCE {
    t11ZsAttribBlockIndex         Unsigned32,
    t11ZsAttribBlockName          T11ZoningName,
    t11ZsAttribBlockRowStatus     RowStatus
}

t11ZsAttribBlockIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this Zone
           Attribute within the Zone Set database of a particular
           Fabric on a particular switch."
    ::= { t11ZsAttribBlockEntry 1 }

t11ZsAttribBlockName OBJECT-TYPE
    SYNTAX       T11ZoningName
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The name of this Zone Attribute Block, which should
           be unique within the Fabric."
    ::= { t11ZsAttribBlockEntry 2 }

t11ZsAttribBlockRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row."
    ::= { t11ZsAttribBlockEntry 3 }














DeSanti, et al.             Standards Track                    [Page 51]


RFC 4936                   FC Zone Server MIB                August 2007


--
-- The table of Zone Attributes
--

t11ZsAttribTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsAttribEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table gives information on the Zone Attributes
           within the Zone Attribute Blocks in the Zone Set
           database of the Zone Servers on each Fabric in one
           or more switches.

           In Enhanced mode, changes to a database made via this
           table are always made to the 'copy' database, but
           values read from this table reflect the contents of
           either the 'copy' database or the current (committed)
           database as indicated by the corresponding value of
           t11ZsServerReadFromDatabase."
    ::= { t11ZsConfiguration 8 }

t11ZsAttribEntry OBJECT-TYPE
    SYNTAX       T11ZsAttribEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains information about a Zone
           Attribute in a Zone Attribute Block (identified by
           t11ZsAttribBlockIndex) in the Zone Set database of
           a particular Fabric (identified by the value of
           t11ZsServerFabricIndex) on a particular switch
           (identified by values of fcmInstanceIndex and
           fcmSwitchIndex).

           An entry in this table cannot be created prior to
           its associated entry in the t11ZsAttribBlockTable.

           The StorageType of a row in this table is specified by
           the instance of t11ZsServerDatabaseStorageType that is
           INDEXed by the same values of fcmInstanceIndex,
           fcmSwitchIndex, and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex,
              t11ZsAttribBlockIndex, t11ZsAttribIndex }
    ::= { t11ZsAttribTable 1 }

T11ZsAttribEntry ::= SEQUENCE {



DeSanti, et al.             Standards Track                    [Page 52]


RFC 4936                   FC Zone Server MIB                August 2007


    t11ZsAttribIndex            Unsigned32,
    t11ZsAttribType             Unsigned32,
    t11ZsAttribValue            OCTET STRING,
    t11ZsAttribRowStatus        RowStatus
}

t11ZsAttribIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this
           Zone Attribute within its Zone Attribute Block in
           the Zone Set database of a particular Fabric on a
           particular switch."
    ::= { t11ZsAttribEntry 1 }

t11ZsAttribType  OBJECT-TYPE
    SYNTAX       Unsigned32 (0..65535)
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The type of attribute:

                0001       - Protocol
                0002       - Broadcast Zone
                0003       - Hard Zone
                00E0 (hex) - Vendor Specific."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.8.3.8, Table 249."
    ::= { t11ZsAttribEntry 2 }

t11ZsAttribValue  OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (4..252))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The value of the attribute, formatted as specified
           in FC-GS-5 for the type given by the corresponding
           instance of t11ZsAttribType.

           Note that FC-GS-5 requires that the length of this
           value is a multiple of 4 bytes."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.8.3.8."
    ::= { t11ZsAttribEntry 3 }



DeSanti, et al.             Standards Track                    [Page 53]


RFC 4936                   FC Zone Server MIB                August 2007


t11ZsAttribRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
           "The status of this conceptual row."
    ::= { t11ZsAttribEntry 4 }

--
-- Activating a Zone Set
--

t11ZsActivateTable  OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsActivateEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table provides a mechanism to allow a Zone Set
           to be activated on a Fabric."
    ::= { t11ZsConfiguration 9 }

t11ZsActivateEntry OBJECT-TYPE
    SYNTAX       T11ZsActivateEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry reflects the state of the activation of a
           Zone Set by a particular switch (identified by values
           of fcmInstanceIndex and fcmSwitchIndex) on a particular
           Fabric (identified by the value of
           t11ZsServerFabricIndex)."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex }
    ::= { t11ZsActivateTable 1 }

T11ZsActivateEntry ::= SEQUENCE {
    t11ZsActivateRequest       Unsigned32,
    t11ZsActivateDeactivate    INTEGER,
    t11ZsActivateResult        INTEGER,
    t11ZsActivateFailCause     SnmpAdminString,
    t11ZsActivateFailDomainId  FcDomainIdOrZero
}

t11ZsActivateRequest OBJECT-TYPE
    SYNTAX       Unsigned32 (0..4294967295)
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION



DeSanti, et al.             Standards Track                    [Page 54]


RFC 4936                   FC Zone Server MIB                August 2007


           "Setting this object to a value is a request for a
           Zone Set to be activated on the Fabric that is
           represented by this row.  The Zone Set to be
           activated is the one for which t11ZsSetIndex has
           the same value.

           If a Zone Set is already active on a Fabric when a
           request is made to activate a different one on that
           Fabric, then the existing Zone Set is automatically
           deactivated and the specified Zone Set is activated
           in its place.

           The value of this object when read is always 0."
    ::= { t11ZsActivateEntry 1 }

t11ZsActivateDeactivate OBJECT-TYPE
    SYNTAX       INTEGER {
                     deactivate(1),
                     noop(2)
                 }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "Setting this object to 'deactivate' is a request
           to deactivate the currently active Zone Set on
           a Fabric.

           Note that the deactivation of the active Zone Set
           allows all ports to communicate or no ports to
           communicate, depending on the current Default Zone
           behavior.

           No action is taken if this object is set to 'noop'.
           When read, the value of this object is always 'noop'."
    ::= { t11ZsActivateEntry 2 }

t11ZsActivateResult OBJECT-TYPE
    SYNTAX       INTEGER {
                     activateSuccess(1),
                     activateFailure(2),
                     deactivateSuccess(3),
                     deactivateFailure(4),
                     inProgress(5),
                     none(6)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION



DeSanti, et al.             Standards Track                    [Page 55]


RFC 4936                   FC Zone Server MIB                August 2007


           "This object indicates the outcome of the most recent
           activation/deactivation using this entry.

           When the value of this object is 'inProgress', the
           values of the corresponding instances of
           t11ZsActivateRequest and t11ZsActivateDeactivate
           cannot be modified.

           The value 'none' indicates activation/deactivation
           has not been attempted since the last restart of
           the management system."
    ::= { t11ZsActivateEntry 3 }

t11ZsActivateFailCause OBJECT-TYPE
    SYNTAX       SnmpAdminString (SIZE (0..64))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "A textual message indicating the reason for the
           most recent failure of a Zone Set activation or
           deactivation, or the zero-length string if no
           information is available (e.g., because the
           corresponding instance of t11ZsActivateResult
           has the value 'none').

           When the corresponding instance of
           t11ZsActivateResult is either 'activateFailure'
           or 'deactivateFailure', the value of this object
           indicates the reason for that failure."
    ::= { t11ZsActivateEntry 4 }

t11ZsActivateFailDomainId OBJECT-TYPE
    SYNTAX       FcDomainIdOrZero
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "If the failure cause (as indicated by
           t11ZsSetFailCause) was specific to a particular
           device, this object contains the Domain_ID of that
           device.  Otherwise, this object contains zero."
    ::= { t11ZsActivateEntry 5 }










DeSanti, et al.             Standards Track                    [Page 56]


RFC 4936                   FC Zone Server MIB                August 2007


--
-- t11ZsActiveTable
--

t11ZsActiveTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsActiveEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table containing information on the currently
           enforced/active Zone Set on each Fabric.
           An active Zone Set cannot be modified.
           This table will be empty when no Zone Set is
           activated."
    ::= { t11ZsConfiguration 10 }

t11ZsActiveEntry OBJECT-TYPE
    SYNTAX       T11ZsActiveEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry represents an active Zone Set of a
           particular Fabric (identified by the value of
           t11ZsServerFabricIndex), according to a particular
           switch (identified by values of fcmInstanceIndex and
           fcmSwitchIndex)."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex }
    ::= { t11ZsActiveTable 1 }

T11ZsActiveEntry ::= SEQUENCE {
    t11ZsActiveZoneSetName    T11ZoningName,
    t11ZsActiveActivateTime   TimeStamp
}

t11ZsActiveZoneSetName OBJECT-TYPE
    SYNTAX       T11ZoningName
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of this Zone Set on this Fabric."
    ::= { t11ZsActiveEntry 1 }

t11ZsActiveActivateTime OBJECT-TYPE
    SYNTAX       TimeStamp
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION



DeSanti, et al.             Standards Track                    [Page 57]


RFC 4936                   FC Zone Server MIB                August 2007


           "The value of sysUpTime at which this entry was most
           recently activated.  If this row was activated prior to
           the last re-initialization of the local network management
           system, then this object will contain a zero value."
    ::= { t11ZsActiveEntry 2 }

--
-- Zones in the Active/Enforced Zone Set
--

t11ZsActiveZoneTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsActiveZoneEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table contains all the Zones that are present in
           the active Zone Sets on all Fabrics."
    ::= { t11ZsConfiguration 11 }

t11ZsActiveZoneEntry OBJECT-TYPE
    SYNTAX       T11ZsActiveZoneEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry represents a Zone in the active Zone Set
           of a particular Fabric (identified by the value of
           t11ZsServerFabricIndex), according to a particular
           switch (identified by values of fcmInstanceIndex and
           fcmSwitchIndex)."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex, t11ZsActiveZoneIndex }
    ::= { t11ZsActiveZoneTable 1 }

T11ZsActiveZoneEntry ::= SEQUENCE {
    t11ZsActiveZoneIndex           Unsigned32,
    t11ZsActiveZoneName            T11ZoningName,
    t11ZsActiveZoneBroadcastZoning TruthValue,
    t11ZsActiveZoneHardZoning      TruthValue
}

t11ZsActiveZoneIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this Zone
           within the active Zone Set on a particular Fabric."
    ::= { t11ZsActiveZoneEntry 1 }



DeSanti, et al.             Standards Track                    [Page 58]


RFC 4936                   FC Zone Server MIB                August 2007


t11ZsActiveZoneName OBJECT-TYPE
    SYNTAX       T11ZoningName
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The name of this Zone."
    ::= { t11ZsActiveZoneEntry 2 }

t11ZsActiveZoneBroadcastZoning OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates whether broadcast Zoning is
           enabled on this Zone.  If broadcast Zoning is enabled,
           then broadcast frames generated by a member in this
           Zone will be restricted to members in this Zone.

           This object is only instantiated in Enhanced mode."
    ::= { t11ZsActiveZoneEntry 3 }

t11ZsActiveZoneHardZoning OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object indicates whether hard Zoning is
           enabled on this Zone.

           This object is only instantiated in Enhanced mode."
    ::= { t11ZsActiveZoneEntry 4 }

--
-- Zone Members in the Active/Enforced Zone Set
--

t11ZsActiveZoneMemberTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsActiveZoneMemberEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table contains all members of all Zones
           within the active Zone Set on any Fabric."
    ::= { t11ZsConfiguration 12 }

t11ZsActiveZoneMemberEntry OBJECT-TYPE
    SYNTAX       T11ZsActiveZoneMemberEntry
    MAX-ACCESS   not-accessible



DeSanti, et al.             Standards Track                    [Page 59]


RFC 4936                   FC Zone Server MIB                August 2007


    STATUS       current
    DESCRIPTION
           "Each entry represents a member of a Zone in the active
           Zone Set of a particular Fabric (identified by the value
           t11ZsServerFabricIndex), according to a particular
           switch (identified by values of fcmInstanceIndex and
           fcmSwitchIndex)."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex,
              t11ZsActiveZoneIndex, t11ZsActiveZoneMemberIndex }
    ::= { t11ZsActiveZoneMemberTable 1 }

T11ZsActiveZoneMemberEntry ::= SEQUENCE {
    t11ZsActiveZoneMemberIndex      Unsigned32,
    t11ZsActiveZoneMemberFormat     T11ZsZoneMemberType,
    t11ZsActiveZoneMemberID         OCTET STRING
}

t11ZsActiveZoneMemberIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this
           member amongst the members of a particular Zone
           in the active Zone Set on a particular Fabric."
    ::= { t11ZsActiveZoneMemberEntry 1 }

t11ZsActiveZoneMemberFormat OBJECT-TYPE
    SYNTAX       T11ZsZoneMemberType
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This object identifies the identifier format of the
           corresponding instance of t11ZsActiveZoneMemberID."
    ::= { t11ZsActiveZoneMemberEntry 2 }

t11ZsActiveZoneMemberID OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1..255))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "This value of this object identifies the member
           using the format specified in the corresponding
           instance of t11ZsActiveZoneMemberFormat."
    ::= { t11ZsActiveZoneMemberEntry 3 }





DeSanti, et al.             Standards Track                    [Page 60]


RFC 4936                   FC Zone Server MIB                August 2007


--
-- Zone Attributes in the Active/Enforced Zone Set
--

t11ZsActiveAttribTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsActiveAttribEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "This table contains information about some of the
           Attributes of the Zones within the active Zone Set
           on each Fabric.

           This table contains all the types of attributes
           that might apply zero, one, or more times to a Zone.
           Attributes that apply once and only to a Zone are
           specified in the t11ZsActiveZoneTable.

           This table will always be empty in Basic mode.
           It will also be empty if there are no Zones in
           any active Zone Set having any of the applicable
           types of attributes."
    ::= { t11ZsConfiguration 13 }

t11ZsActiveAttribEntry OBJECT-TYPE
    SYNTAX       T11ZsActiveAttribEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains an Attribute of a particular
           Zone in the active Zone Set of a particular Fabric
           (identified by the value of t11ZsServerFabricIndex),
           according to a particular switch (identified by
           values of fcmInstanceIndex and fcmSwitchIndex)."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex,
              t11ZsActiveZoneIndex, t11ZsActiveAttribIndex }
    ::= { t11ZsActiveAttribTable 1 }

T11ZsActiveAttribEntry ::= SEQUENCE {
    t11ZsActiveAttribIndex        Unsigned32,
    t11ZsActiveAttribType         Unsigned32,
    t11ZsActiveAttribValue        OCTET STRING
}

t11ZsActiveAttribIndex  OBJECT-TYPE
    SYNTAX       Unsigned32 (1..4294967295)
    MAX-ACCESS   not-accessible



DeSanti, et al.             Standards Track                    [Page 61]


RFC 4936                   FC Zone Server MIB                August 2007


    STATUS       current
    DESCRIPTION
           "An index value that uniquely identifies this
           attribute amongst the other attributes for a
           particular Zone in the active Zone Set on a
           particular Fabric."
    ::= { t11ZsActiveAttribEntry 1 }

t11ZsActiveAttribType  OBJECT-TYPE
    SYNTAX       Unsigned32 (0..65535)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The type of attribute:

                0001       - Protocol
                00E0 (hex) - Vendor Specific

           Note that type 2 (Hard) and type 3 (Broadcast)
           do not need to be represented here, because they
           are represented by t11ZsActiveZoneBroadcastZoning and
           t11ZsActiveZoneHardZoning."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.8.3.8, Table 249."
    ::= { t11ZsActiveAttribEntry 2 }

t11ZsActiveAttribValue  OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (0..252))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The value of the attribute, formatted according to
           its type as indicated by the corresponding instance
           of t11ZsActiveAttribType.

           As specified in FC-GS-5, the length of an attribute
           value is at least 4 bytes, and if necessary, the value
           is appended with zero bytes so that the length is a
           multiple of 4.  For a Vendor-Specific attribute
           value, the first 8 bytes contain the T10 Vendor ID
           as described in FC-GS-5."
    REFERENCE
           "Fibre Channel - Generic Services-5 (FC-GS-5),
           ANSI INCITS 427-2007, section 6.4.8.3.8."
    ::= { t11ZsActiveAttribEntry 3 }





DeSanti, et al.             Standards Track                    [Page 62]


RFC 4936                   FC Zone Server MIB                August 2007


--
-- Zone Server Statistics
--

t11ZsStatsTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of statistics maintained by Zone Servers."
    ::= { t11ZsStatistics 1 }

t11ZsStatsEntry OBJECT-TYPE
    SYNTAX       T11ZsStatsEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A set of statistics for a Zone Server on a
           particular Fabric (identified by the value of
           t11ZsServerFabricIndex) on a particular switch
           (identified by values of fcmInstanceIndex and
           fcmSwitchIndex)."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex }
    ::= { t11ZsStatsTable 1 }

T11ZsStatsEntry ::= SEQUENCE {
    t11ZsOutMergeRequests     Counter32,
    t11ZsInMergeAccepts       Counter32,
    t11ZsInMergeRequests      Counter32,
    t11ZsOutMergeAccepts      Counter32,
    t11ZsOutChangeRequests    Counter32,
    t11ZsInChangeAccepts      Counter32,
    t11ZsInChangeRequests     Counter32,
    t11ZsOutChangeAccepts     Counter32,
    t11ZsInZsRequests         Counter32,
    t11ZsOutZsRejects         Counter32
}

t11ZsOutMergeRequests OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of Merge Request Frames sent by this Zone
           Server to other Zone Servers in the same Fabric.

           This counter has no discontinuities other than those



DeSanti, et al.             Standards Track                    [Page 63]


RFC 4936                   FC Zone Server MIB                August 2007


           that all Counter32s have when sysUpTime=0."
    ::= { t11ZsStatsEntry 1 }

t11ZsInMergeAccepts OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of Merge Accept Frames received by this Zone
           Server from other Zone Servers in the same Fabric.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    ::= { t11ZsStatsEntry 2 }

t11ZsInMergeRequests OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of Merge Request Frames received by this Zone
           Server from other Zone Servers in the same Fabric.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    ::= { t11ZsStatsEntry 3 }

t11ZsOutMergeAccepts OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of Merge Accept Frames sent by this Zone
           Server to other Zone Servers in the same Fabric.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    ::= { t11ZsStatsEntry 4 }

t11ZsOutChangeRequests OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of change requests sent (via the Fabric
           Management Session Protocol) by this Zone Server to
           other Zone Servers in the same Fabric.




DeSanti, et al.             Standards Track                    [Page 64]


RFC 4936                   FC Zone Server MIB                August 2007


           This includes Acquire Change Authorization requests, Stage
           Fabric Config Update requests, Update Fabric Config requests
           and Release Change Authorization requests.  It also includes
           the corresponding types of requests defined by the Enhanced
           Commit Service.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, sections 10.6 and 13."
    ::= { t11ZsStatsEntry 5 }

t11ZsInChangeAccepts OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of SW_ACC messages received from other Zone
           Servers in the same Fabric (according to the Fabric
           Management Session Protocol) in response to change
           requests by this Zone Server.

           This includes SW_ACC messages received in response to
           Acquire Change Authorization requests, to Stage Fabric
           Config Update requests, to Update Fabric Config requests,
           and to Release Change Authorization requests.  It also
           includes responses to the corresponding types of requests
           defined for the Enhanced Commit Service.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, sections 10.6 and 13."
    ::= { t11ZsStatsEntry 6 }

t11ZsInChangeRequests OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of change requests received (via the Fabric
           Management Session Protocol) by this Zone Server from
           other Zone Servers in the same Fabric.

           This includes Acquire Change Authorization requests, Stage
           Fabric Config Update requests, Update Fabric Config requests



DeSanti, et al.             Standards Track                    [Page 65]


RFC 4936                   FC Zone Server MIB                August 2007


           and Release Change Authorization requests.  It also includes
           the corresponding types of requests defined by the Enhanced
           Commit Service.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, sections 10.6 and 13."
    ::= { t11ZsStatsEntry 7 }

t11ZsOutChangeAccepts OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of SW_ACC messages sent by this Zone Server
           (according to the Fabric Management Session Protocol) in
           response to change requests from other Zone Servers in
           the same Fabric.

           This includes SW_ACC messages sent in response to
           Acquire Change Authorization requests, to Stage Fabric
           Config Update requests, to Update Fabric Config requests
           and to Release Change Authorization requests.  It also
           includes responses to the corresponding types of requests
           defined for the Enhanced Commit Service.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    REFERENCE
           "Fibre Channel - Switch Fabric-4 (FC-SW-4),
           ANSI INCITS 418-2006, April 2006, sections 10.6 and 13."
    ::= { t11ZsStatsEntry 8 }

t11ZsInZsRequests OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of Zone Server requests received by this
           Zone Server on this Fabric, both those received in
           Basic mode and in Enhanced mode.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    ::= { t11ZsStatsEntry 9 }




DeSanti, et al.             Standards Track                    [Page 66]


RFC 4936                   FC Zone Server MIB                August 2007


t11ZsOutZsRejects OBJECT-TYPE
    SYNTAX       Counter32
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The number of Zone Server requests rejected by this
           Zone Server on this Fabric, both those rejected in
           Basic mode and in Enhanced mode.

           This counter has no discontinuities other than those
           that all Counter32s have when sysUpTime=0."
    ::= { t11ZsStatsEntry 10 }

--
-- Notification Control Table
--

t11ZsNotifyControlTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF T11ZsNotifyControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "A table of control information for notifications
           generated due to Zone Server events."
    ::= { t11ZsConfiguration 14 }

t11ZsNotifyControlEntry OBJECT-TYPE
    SYNTAX       T11ZsNotifyControlEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
           "Each entry contains notification control information
           specific to a Zone Server for a particular Fabric
           (identified by the value of t11ZsServerFabricIndex)
           on a particular switch (identified by values of
           fcmInstanceIndex and fcmSwitchIndex).

           The persistence across reboots of writable values in
           a row of this table is specified by the instance of
           t11ZsServerDatabaseStorageType that is INDEXed by
           the same values of fcmInstanceIndex, fcmSwitchIndex,
           and t11ZsServerFabricIndex."
    INDEX   { fcmInstanceIndex, fcmSwitchIndex,
              t11ZsServerFabricIndex }
    ::= { t11ZsNotifyControlTable 1 }

T11ZsNotifyControlEntry ::= SEQUENCE {
     t11ZsNotifyRequestRejectEnable    TruthValue,



DeSanti, et al.             Standards Track                    [Page 67]


RFC 4936                   FC Zone Server MIB                August 2007


     t11ZsNotifyMergeFailureEnable     TruthValue,
     t11ZsNotifyMergeSuccessEnable     TruthValue,
     t11ZsNotifyDefZoneChangeEnable    TruthValue,
     t11ZsNotifyActivateEnable         TruthValue,
     t11ZsRejectCtCommandString        OCTET STRING,
     t11ZsRejectRequestSource          FcNameIdOrZero,
     t11ZsRejectReasonCode             T11NsGs4RejectReasonCode,
     t11ZsRejectReasonCodeExp          T11ZsRejectReasonExplanation,
     t11ZsRejectReasonVendorCode       OCTET STRING
}

t11ZsNotifyRequestRejectEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11ZsRequestRejectNotify
           notifications should be generated by the Zone Server
           for this Fabric."
    ::= { t11ZsNotifyControlEntry 1 }

t11ZsNotifyMergeFailureEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11ZsMergeFailureNotify
           notifications should be generated by the Zone Server
           for this Fabric."
    ::= { t11ZsNotifyControlEntry 2 }

t11ZsNotifyMergeSuccessEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11ZsMergeSuccessNotify
           notifications should be generated by the Zone Server
           for this Fabric."
    ::= { t11ZsNotifyControlEntry 3 }

t11ZsNotifyDefZoneChangeEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11ZsDefZoneChangeNotify
           notifications should be generated by the Zone Server



DeSanti, et al.             Standards Track                    [Page 68]


RFC 4936                   FC Zone Server MIB                August 2007


           for this Fabric."
    ::= { t11ZsNotifyControlEntry 4 }

t11ZsNotifyActivateEnable OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
           "This object specifies whether t11ZsActivateNotify
           notifications should be generated by the Zone Server
           for this Fabric."
    ::= { t11ZsNotifyControlEntry 5 }

t11ZsRejectCtCommandString OBJECT-TYPE
    SYNTAX        OCTET STRING (SIZE (0..255))
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION
           "The binary content of the Zone Server request,
           formatted as an octet string (in network byte order)
           containing the Common Transport Information Unit
           (CT_IU), as described in Table 2 of FC-GS-5 (including
           the preamble), which was most recently rejected by the
           Fabric Configuration Server for this Fabric.

           This object contains the zero-length string
           if and when the CT-IU's content is unavailable.

           When the length of this object is 255 octets, it
           contains the first 255 octets of the CT-IU (in
           network byte order)."
    ::= { t11ZsNotifyControlEntry 6 }

t11ZsRejectRequestSource OBJECT-TYPE
    SYNTAX       FcNameIdOrZero
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "The WWN that was the source of the CT_IU
           contained in the corresponding instance of
           t11ZsRejectCtCommandString."
    ::= { t11ZsNotifyControlEntry 7 }

t11ZsRejectReasonCode OBJECT-TYPE
    SYNTAX       T11NsGs4RejectReasonCode
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION



DeSanti, et al.             Standards Track                    [Page 69]


RFC 4936                   FC Zone Server MIB                August 2007


           "The reason code corresponding to the most recent
           rejection of a request by the Zone Server for
           this Fabric."
    ::= { t11ZsNotifyControlEntry 8 }

t11ZsRejectReasonCodeExp OBJECT-TYPE
    SYNTAX       T11ZsRejectReasonExplanation
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the value of t11ZsRejectReasonCode is
           'Unable to perform command request', this
           object contains the corresponding reason code
           explanation."
    ::= { t11ZsNotifyControlEntry 9 }

t11ZsRejectReasonVendorCode       OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE (1))
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
           "When the value of t11ZsRejectReasonCode is
           'Vendor Specific Error', this object contains
           the corresponding vendor-specific reason code."
    ::= { t11ZsNotifyControlEntry 10 }

t11ZsFabricIndex OBJECT-TYPE
    SYNTAX       Unsigned32 (0..4096)
    MAX-ACCESS   accessible-for-notify
    STATUS       current
    DESCRIPTION
           "This object contains either a value of
           T11FabricIndex to identify the Fabric on which
           some occurrence has caused a notification to be
           generated, or it has the value 4096 to indicate
           all applicable Fabrics."
    ::= { t11ZsConfiguration 15 }














DeSanti, et al.             Standards Track                    [Page 70]


RFC 4936                   FC Zone Server MIB                August 2007


-- Notifications

t11ZsRequestRejectNotify NOTIFICATION-TYPE
    OBJECTS      { t11FamLocalSwitchWwn,
                   t11ZsRejectRequestSource,
                   t11ZsRejectCtCommandString,
                   t11ZsRejectReasonCode,
                   t11ZsRejectReasonCodeExp,
                   t11ZsRejectReasonVendorCode }
    STATUS       current
    DESCRIPTION
           "This notification is generated whenever a Zone Server
           (indicated by the value of t11FamLocalSwitchWwn) rejects
           a request.

           The value of t11ZsRejectCtCommandString indicates the
           rejected request, and the values of t11ZsRejectReasonCode,
           t11ZsRejectReasonCodeExp and t11ZsRejectReasonVendorCode
           indicate the reason for the rejection.  The value of
           t11ZsRequestClient indicates the source of the request."
    ::= { t11ZsMIBNotifications 1 }

t11ZsMergeFailureNotify NOTIFICATION-TYPE
    OBJECTS      { ifIndex, t11ZsFabricIndex }
    STATUS       current
    DESCRIPTION
           "This notification indicates that a Zone merge
           failure has occurred on the Fabric indicated by the
           value of t11ZsFabricIndex, on the interface
           indicated by the value of ifIndex.

           If multiple Virtual Fabrics are configured on an
           interface, and all have a Zone merge failure
           at the same time, then just one notification is
           generated and t11ZsFabricIndex has the value 4096."
    ::= { t11ZsMIBNotifications 2 }

t11ZsMergeSuccessNotify NOTIFICATION-TYPE
    OBJECTS      { ifIndex, t11ZsFabricIndex }
    STATUS       current
    DESCRIPTION
           "This notification indicates that a successful Zone
           merge has occurred on the Fabric indicated by the
           value of t11ZsFabricIndex, on the interface
           indicated by the value of ifIndex.

           If multiple Virtual Fabrics are configured on an
           interface, and all have a successful Zone Merge



DeSanti, et al.             Standards Track                    [Page 71]


RFC 4936                   FC Zone Server MIB                August 2007


           at the same time, then just one notification is
           generated and t11ZsFabricIndex has the value 4096."
    ::= { t11ZsMIBNotifications 3 }

t11ZsDefZoneChangeNotify NOTIFICATION-TYPE
    OBJECTS      { t11ZsServerDefaultZoneSetting }
    STATUS       current
    DESCRIPTION
           "This notification indicates that the
           value of a Default Zone Setting has changed.
           The value of t11ZsServerDefaultZoneSetting
           contains the value after the change."
    ::= { t11ZsMIBNotifications 4 }

t11ZsActivateNotify NOTIFICATION-TYPE
    OBJECTS      { t11FamLocalSwitchWwn, t11ZsActivateResult }
    STATUS       current
    DESCRIPTION
           "This notification is generated whenever a switch
           (indicated by the value of t11FamLocalSwitchWwn)
           activates/deactivates a Zone Set on a Fabric.
           The t11ZsActivateResult object denotes the outcome
           of the activation/deactivation."
    ::= { t11ZsMIBNotifications 5 }

-- Conformance

t11ZsMIBCompliances OBJECT IDENTIFIER ::= { t11ZsMIBConformance 1 }
t11ZsMIBGroups      OBJECT IDENTIFIER ::= { t11ZsMIBConformance 2 }

t11ZsMIBCompliance MODULE-COMPLIANCE
    STATUS       current
    DESCRIPTION
           "The compliance statement for entities that
           implement the Zone Server."
    MODULE MANDATORY-GROUPS {t11ZsBasicGroup,
                             t11ZsNotificationControlGroup,
                             t11ZsNotificationGroup }

    GROUP        t11ZsEnhancedModeGroup
    DESCRIPTION
           "This group is mandatory only for those systems
           with Zone Servers that support Enhanced Mode."

    GROUP        t11ZsActivateGroup
    DESCRIPTION
           "Only entities that provide write access for
           activating a Zone Set support need to support



DeSanti, et al.             Standards Track                    [Page 72]


RFC 4936                   FC Zone Server MIB                August 2007


           this group."

    GROUP        t11ZsStatisticsGroup
    DESCRIPTION
           "These counters, containing Zone Server statistics,
           are mandatory only for those systems that count
           such events."

    OBJECT       t11ZsSetRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsZoneRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsSetZoneRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAliasRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsZoneMemberRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAttribBlockRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAttribRowStatus
    SYNTAX       INTEGER { active(1) }
    MIN-ACCESS   read-only
    DESCRIPTION



DeSanti, et al.             Standards Track                    [Page 73]


RFC 4936                   FC Zone Server MIB                August 2007


           "Write access is not required."

    OBJECT       t11ZsServerDatabaseStorageType
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerDistribute
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerCommit
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerReadFromDatabase
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerOperationMode
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerDefaultZoneSetting
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerMergeControlSetting
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsServerDefZoneBroadcast
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsSetName
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsZoneName



DeSanti, et al.             Standards Track                    [Page 74]


RFC 4936                   FC Zone Server MIB                August 2007


    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsZoneAttribBlock
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAliasName
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsZoneMemberFormat
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsZoneMemberID
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAttribBlockName
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAttribType
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsAttribValue
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsActivateRequest
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsActivateDeactivate
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."



DeSanti, et al.             Standards Track                    [Page 75]


RFC 4936                   FC Zone Server MIB                August 2007


    OBJECT       t11ZsNotifyRequestRejectEnable
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsNotifyMergeFailureEnable
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsNotifyMergeSuccessEnable
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsNotifyDefZoneChangeEnable
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    OBJECT       t11ZsNotifyActivateEnable
    MIN-ACCESS   read-only
    DESCRIPTION
           "Write access is not required."

    ::= { t11ZsMIBCompliances 1 }

-- Units of Conformance

t11ZsBasicGroup OBJECT-GROUP
    OBJECTS  { t11ZsServerCapabilityObject,
               t11ZsServerDatabaseStorageType,
               t11ZsServerDistribute,
               t11ZsServerResult,
               t11ZsServerReasonCode,
               t11ZsServerReasonCodeExp,
               t11ZsServerReasonVendorCode,
               t11ZsServerLastChange,
               t11ZsServerHardZoning,
               t11ZsServerReadFromDatabase,
               t11ZsServerOperationMode,
               t11ZsSetName,
               t11ZsSetRowStatus,
               t11ZsZoneName,
               t11ZsZoneAttribBlock,
               t11ZsZoneRowStatus,
               t11ZsSetZoneRowStatus,
               t11ZsZoneMemberFormat,



DeSanti, et al.             Standards Track                    [Page 76]


RFC 4936                   FC Zone Server MIB                August 2007


               t11ZsZoneMemberID,
               t11ZsZoneMemberRowStatus,
               t11ZsActiveZoneSetName,
               t11ZsActiveActivateTime,
               t11ZsActiveZoneName,
               t11ZsActiveZoneMemberFormat,
               t11ZsActiveZoneMemberID
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects for displaying and updating
           the Zone configuration of a Zone Server capable of
           operating in Basic mode."
    ::= { t11ZsMIBGroups 1 }

t11ZsEnhancedModeGroup OBJECT-GROUP
    OBJECTS  { t11ZsServerCommit,
               t11ZsServerChangeModeResult,
               t11ZsServerDefaultZoneSetting,
               t11ZsServerMergeControlSetting,
               t11ZsServerDefZoneBroadcast,
               t11ZsAliasName,
               t11ZsAliasRowStatus,
               t11ZsAttribBlockName,
               t11ZsAttribBlockRowStatus,
               t11ZsAttribType,
               t11ZsAttribValue,
               t11ZsAttribRowStatus,
               t11ZsActiveZoneBroadcastZoning,
               t11ZsActiveZoneHardZoning,
               t11ZsActiveAttribType,
               t11ZsActiveAttribValue
             }
    STATUS   current
    DESCRIPTION
           "A collection of additional objects for displaying
           and updating the Zone configuration of a Zone Server
           capable of operating in Enhanced mode."
    ::= { t11ZsMIBGroups 2 }

t11ZsStatisticsGroup OBJECT-GROUP
    OBJECTS  { t11ZsOutMergeRequests,
               t11ZsInMergeAccepts,
               t11ZsInMergeRequests,
               t11ZsOutMergeAccepts,
               t11ZsOutChangeRequests,
               t11ZsInChangeAccepts,
               t11ZsInChangeRequests,



DeSanti, et al.             Standards Track                    [Page 77]


RFC 4936                   FC Zone Server MIB                August 2007


               t11ZsOutChangeAccepts,
               t11ZsInZsRequests,
               t11ZsOutZsRejects
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects for collecting Zone Server
            statistics information."
    ::= { t11ZsMIBGroups 3 }

t11ZsNotificationControlGroup OBJECT-GROUP
    OBJECTS  { t11ZsNotifyRequestRejectEnable,
               t11ZsNotifyMergeFailureEnable,
               t11ZsNotifyMergeSuccessEnable,
               t11ZsNotifyDefZoneChangeEnable,
               t11ZsNotifyActivateEnable,
               t11ZsRejectCtCommandString,
               t11ZsRejectRequestSource,
               t11ZsRejectReasonCode,
               t11ZsRejectReasonCodeExp,
               t11ZsRejectReasonVendorCode,
               t11ZsFabricIndex
             }
    STATUS   current
    DESCRIPTION
           "A collection of notification control and
           notification information objects for monitoring
           Zone Server request rejection and Zone merge
           failures."
    ::= { t11ZsMIBGroups 4 }

t11ZsActivateGroup OBJECT-GROUP
    OBJECTS  { t11ZsActivateRequest,
               t11ZsActivateDeactivate,
               t11ZsActivateResult,
               t11ZsActivateFailCause,
               t11ZsActivateFailDomainId
             }
    STATUS   current
    DESCRIPTION
           "A collection of objects that allow a Zone Set to
           be activated via SNMP SetRequests and provide the
           status and result of such an activation."
    ::= { t11ZsMIBGroups 5 }

t11ZsNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { t11ZsRequestRejectNotify,
                    t11ZsMergeFailureNotify,



DeSanti, et al.             Standards Track                    [Page 78]


RFC 4936                   FC Zone Server MIB                August 2007


                    t11ZsMergeSuccessNotify,
                    t11ZsDefZoneChangeNotify,
                    t11ZsActivateNotify }
    STATUS        current
    DESCRIPTION
           "A collection of notification(s) for monitoring
           Zone Server request rejection, Zone merge
           failures and successes, and Default Zoning
           behavioral changes."
    ::= { t11ZsMIBGroups 6 }

END

8.  IANA Considerations

   IANA has assigned two MIB OIDs:  one for the T11-FC-FABRIC-LOCK-MIB
   module (159) and one for the T11-FC-ZONE-SERVER-MIB module (160),
   under the mib-2 subtree.

9.  Security Considerations

   There are many management objects defined in these MIB modules with a
   MAX-ACCESS clause of read-write and/or read-create.  Such objects may
   be considered sensitive or vulnerable in some network environments.
   The support for SET operations in a non-secure environment without
   proper protection can have a negative effect on network operations.

   Specifically, unauthorized write access to *any* of the writable
   objects in these MIB modules could cause unauthorized manipulation of
   the Zoning information on a Zone Server, and/or the activation of an
   unauthorized Active Zone Set in a Fabric.  This could result in
   allowing unauthorized connectivity, and/or denying authorized
   connectivity, between hosts connected to the Fibre Channel network.
   It could also cause the suppression of notifications (e.g., of
   unauthorized operations), or the disruption of network operations due
   to the generation of unwanted notifications.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.

   Unauthorized read access to any of the readable objects in the
   t11ZsServerTable, t11ZsActiveZoneTable, t11ZsActiveZoneMemberTable,
   or t11ZsActiveAttribTable tables would reveal information about the




DeSanti, et al.             Standards Track                    [Page 79]


RFC 4936                   FC Zone Server MIB                August 2007


   currently authorized connectivity between hosts connected to the
   Fibre Channel network.

   Unauthorized read access to any of the readable objects in the
   t11ZsSetTable, t11ZsZoneTable, t11ZsSetZoneTable, t11ZsAliasTable,
   t11ZsZoneMemberTable, t11ZsAttribBlockTable, or t11ZsAttribTable
   tables would reveal information about potential/alternative
   connectivity that could be authorized between hosts connected to the
   Fibre Channel network.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementors consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

10.  Acknowledgements

   This document was originally developed and approved by the INCITS
   Task Group T11.5 (http://www.t11.org) as the SM-ZSM project.  We wish
   to acknowledge the many contributions and comments from the INCITS
   Technical Committee T11, especially from the following:

      T11 Chair: Robert Snively, Brocade
      T11 Vice Chair: Claudio DeSanti, Cisco Systems
      T11.5 Chair: Roger Cummings, Symantec
      T11.5 Vice Chair: Scott Kipp, McData
      and T11.5 members.

   The document was subsequently a work item of the IETF's IMSS Working
   Group, chaired by David Black (EMC Corporation).  We thank Bert
   Wijnen (Lucent Technologies) for his thorough review of the document.
   We also wish to acknowledge Dan Romascanu (Avaya), the IETF Area
   Director, for his comments and assistance.




DeSanti, et al.             Standards Track                    [Page 80]


RFC 4936                   FC Zone Server MIB                August 2007


11.  Normative References

   [RFC2578]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
              Rose, M. and S. Waldbusser, "Structure of Management
              Information Version 2 (SMIv2)", STD 58, RFC 2578, April
              1999.

   [RFC2579]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
              Rose, M. and S. Waldbusser, "Textual Conventions for
              SMIv2", STD 58, RFC 2579, April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
              Rose, M. and S. Waldbusser, "Conformance Statements for
              SMIv2", STD 58, RFC 2580, April 1999.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, June 2000.

   [RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An
              Architecture for Describing Simple Network Management
              Protocol (SNMP) Management Frameworks", STD 58, RFC 3411,
              December 2002.

   [RFC3584]  Frye, R., Levi, D., Routhier, S., and B. Wijnen,
              "Coexistence between Version 1, Version 2, and Version 3
              of the Internet-standard Network Management Framework",
              RFC 3584, August 2003.

   [FC-GS-5]  "Fibre Channel - Generic Services - 5 (FC-GS-5)", ANSI
              INCITS 427-2007,
              http://www.t11.org/t11/stat.nsf/upnum/1677-d, 2007.

   [FC-GS-4]  "Fibre Channel - Generic Services - 4 (FC-GS-4)", ANSI
              INCITS 387-2004,
              http://www.t11.org/t11/stat.nsf/upnum/1505-d, August 2004.

   [FC-SW-4]  "Fibre Channel - Switch Fabric - 4 (FC-SW-4)", ANSI INCITS
              418-2006, http://www.t11.org/t11/stat.nsf/upnum/1674-d,
              December 2006.

   [FC-FS]    "Fibre Channel - Framing and Signaling (FC-FS)", ANSI
              INCITS 373-2003, April 2003.

   [RFC4001]  Daniele, M., Haberman, B., Routhier, S., and J.
              Schoenwaelder, "Textual Conventions for Internet Network
              Addresses", RFC 4001, February 2005.





DeSanti, et al.             Standards Track                    [Page 81]


RFC 4936                   FC Zone Server MIB                August 2007


   [RFC4044]  McCloghrie, K., "Fibre Channel Management MIB", RFC 4044,
              May 2005.

   [RFC4438]  DeSanti, C., Gaonkar, V., Vivek, H., McCloghrie, K., and
              S. Gai, "Fibre-Channel Name Server MIB", RFC 4438, March
              2006.

   [RFC4439]  DeSanti, C., Gaonkar, V., McCloghrie, K., and S. Gai,
              "Fibre-Channel Fabric Address Manager MIB", RFC 4439,
              March 2006.

   [APPL-ID]  Steven Wilson (FC-SW-5, Editor), "FC-SW-5 Letter to
              T11.5", ANSI INCITS T11/06-679v0,
              http://www.t11.org/ftp/t11/pub/fc/sw-5/06-679v0.pdf, 21
              September 2006.  Approved by the T11 and T11.5 plenary
              meetings on October 5, 2006.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

12.  Informative References

   [RFC2741]  Daniele, M., Wijnen, B., Ellison, M., and D. Francisco,
              "Agent Extensibility (AgentX) Protocol Version 1", RFC
              2741, January 2000.

   [RFC3410]  Case, J., Mundy, R., Partain, D. and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.






















DeSanti, et al.             Standards Track                    [Page 82]


RFC 4936                   FC Zone Server MIB                August 2007


Authors' Addresses

   Claudio DeSanti
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA 95134 USA
   Phone: +1 408 853-9172
   EMail: cds@cisco.com

   H.K. Vivek
   Cisco Systems, Inc.
   71 Millers Rd
   Bangalore, India
   Phone: +91 80 2289933x5117
   EMail: hvivek@cisco.com

   Keith McCloghrie
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA 95134 USA
   Phone: +1 408 526-5260
   EMail: kzm@cisco.com

   Silvano Gai
   Nuova Systems
   3 West Plumeria Drive
   San Jose, CA 95134
   Phone: +1 408 387-6123
   EMail: sgai@nuovasystems.com






















DeSanti, et al.             Standards Track                    [Page 83]


RFC 4936                   FC Zone Server MIB                August 2007


Full Copyright Statement

   Copyright (C) The IETF Trust (2007).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.







DeSanti, et al.             Standards Track                    [Page 84]

mirror server hosted at Truenetwork, Russian Federation.