Network Working Group C. DeSanti Request for Comments: 4936 H.K. Vivek Category: Standards Track K. McCloghrie Cisco Systems S. Gai Nuova Systems August 2007 Fibre Channel Zone Server MIB Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The IETF Trust (2007). Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for information related to a Fibre Channel Zone Server. DeSanti, et al. Standards Track [Page 1]
RFC 4936 FC Zone Server MIB August 2007 Table of Contents 1. Introduction ....................................................3 2. The Internet-Standard Management Framework ......................3 3. Overview of Fibre Channel .......................................3 3.1. General Overview ...........................................3 3.2. Zoning .....................................................4 3.3. Zoning Configuration and Management ........................5 4. Relationship to Other MIBs ......................................7 5. MIB Overview ....................................................8 5.1. Fibre Channel Management Instance ..........................8 5.2. Switch Index ...............................................8 5.3. Fabric Index ...............................................8 5.4. Locking the Fabric .........................................9 5.5. Basic and Enhanced Modes ..................................10 5.6. Persistent Storage ........................................10 5.7. The Active Zone Set and the Zone Set Database .............11 5.8. Conformance Groups ........................................12 6. The T11-FC-FABRIC-LOCK-MIB Module ..............................13 7. The T11-FC-ZONE-SERVER-MIB Module ..............................24 8. IANA Considerations ............................................79 9. Security Considerations ........................................79 10. Acknowledgements ..............................................80 11. Normative References ..........................................81 12. Informative References ........................................82 DeSanti, et al. Standards Track [Page 2]
RFC 4936 FC Zone Server MIB August 2007 1. Introduction This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for information related to a Fibre Channel network's Zone Server. This memo was previously approved by INternational Committee for Information Technology Standards (INCITS) Task Group T11.5 (http://www.t11.org); this document is a product of the IETF's IMSS working group. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119]. 2. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 3. Overview of Fibre Channel 3.1. General Overview The Fibre Channel (FC) is logically a bidirectional point-to-point serial data channel, structured for high performance. Fibre Channel provides a general transport vehicle for higher-level protocols such as Small Computer System Interface (SCSI) command sets, the High- Performance Parallel Interface (HIPPI) data framing, IP (Internet Protocol), IEEE 802.2, and others. Physically, Fibre Channel is an interconnection of multiple communication points, called N_Ports, interconnected either by a switching network, called a Fabric, or by a point-to-point link. A Fibre Channel "node" consists of one or more N_Ports. A Fabric may consist of multiple Interconnect Elements, some of which are DeSanti, et al. Standards Track [Page 3]
RFC 4936 FC Zone Server MIB August 2007 switches. An N_Port connects to the Fabric via a port on a switch called an F_Port. When multiple FC nodes are connected to a single port on a switch via an "Arbitrated Loop" topology, the switch port is called an FL_Port, and the nodes' ports are called NL_Ports. The term Nx_Port is used to refer to either an N_Port or an NL_Port. The term Fx_Port is used to refer to either an F_Port or an FL_Port. A switch port, which is interconnected to another switch port via an Inter-Switch Link (ISL), is called an E_Port. A B_Port connects a bridge device with an E_Port on a switch; a B_Port provides a subset of E_Port functionality. Many Fibre Channel components, including the Fabric, each node, and most ports, have globally unique names. These globally unique names are typically formatted as World Wide Names (WWNs). More information on WWNs can be found in [FC-FS]. WWNs are expected to be persistent across agent and unit resets. Fibre Channel frames contain 24-bit address identifiers that identify the frame's source and destination ports. Each FC port has both an address identifier and a WWN. For an Nx_Port, its WWN is called a N_Port_Name and its address identifier is called an N_Port_ID. When a Fabric is in use, the FC address identifiers are dynamic and are assigned by a switch. Each octet of a 24-bit address represents a level in an address hierarchy, with a Domain_ID being the highest level of the hierarchy. 3.2. Zoning Zones within a Fabric provide a mechanism to control frame delivery between Nx_Ports ("Hard Zoning") or to expose selected views of Name Server information ("Soft Zoning"). Communication is only possible when the communicating endpoints are members of a common zone. This technique is similar to virtual private networks in that the Fabric has the ability to group devices into Zones. Hard zoning and soft zoning are two different means of realizing this. Hard zoning is enforced in the Fabric (i.e., switches) whereas soft zoning is enforced at the endpoints (e.g., host bus adapters (HBAs)) by relying on the endpoints to not send traffic to an N_Port_ID not obtained from the Name Server with a few exceptions for well-known N_Port_IDs used to bootstrap the Fabric (e.g., talk to the Name Server). Administrators create Zones to increase network security and to prevent data loss or corruption by controlling access between devices or user groups. Zones may be specifically used to create: DeSanti, et al. Standards Track [Page 4]
RFC 4936 FC Zone Server MIB August 2007 a) Barriers between devices that use different operating systems. It is often critical to separate servers and storage devices with different operating systems because accidental transfer of information from one to another may delete or corrupt data; b) Logical subsets of closed user groups. Administrators may authorize access rights to specific Zones for specific user groups, thereby protecting confidential data from unauthorized access; c) Groups of devices that are separate from devices in the rest of a Fabric. Zones allow certain processes to be performed on devices in a group without interrupting devices in other groups; or d) Temporary access between devices for specific purposes. Administrators may remove Zone restrictions temporarily, then restore Zone restrictions to perform normal processes. 3.3. Zoning Configuration and Management Zones are configured via a Fabric Zone Server, using requests defined in [FC-GS-5]), or via the T11-FC-ZONE-SERVER-MIB module defined in this memo, or via some other mechanism. An Nx_Port may be a member of one or more Zones. Zone membership may be specified by: a) The N_Port_Name of the Nx_Port connected to the switch; b) The N_Port_ID assigned during Fabric Login; c) The Node_Name associated with the Nx_Port; note that the Node_Name may include more than one Nx_Port; d) The F_Port_Name of the Fx_Port to which the Nx_Port is connected; or e) The domain identifier (Domain_ID) and physical port number of the Switch Port to which the Nx_Port is attached. A Fabric's Zone Server may be used to create a Zone by specifying the Zone Members. One or more Zones may be collected into a Zone Set, and a Zone may be a member of more than one Zone Set. A Zone Set creates a collection of Zones that may be activated or deactivated as a single entity across all Switches in a Fabric (e.g., having two Zone Sets, one for normal operation, and a second for backup during off-hours). Only one Zone Set may be activated at one time. Other terminology defined in [FC-GS-5] is: an Active Zone Set is the Zone Set currently enforced by a Fabric; a Zone Set Database is a database of the Zone Sets available to be activated within a Fabric; DeSanti, et al. Standards Track [Page 5]
RFC 4936 FC Zone Server MIB August 2007 and a Zoning Database is a generic term used to indicate a combination of an Active Zone Set and a Zone Set Database. Two distinct sets of management requests, Enhanced and Basic, are defined in [FC-GS-5] to interact with a Fabric Zone Server. Basic Zoning provides compatibility with [FC-GS-4] and earlier versions of Fibre Channel's Generic Services specification. If all the Switches in a Fabric support the Enhanced request set, then it may be used to manage zoning; otherwise, only the Basic request set may be used, in order to support backward compatibility. In the context of Enhanced Zoning Management, a management action (i.e., write access to the Zoning Database) to the Zone Server can only occur inside a server session. A server session is set up using the FC-GS-5's Common Transport (CT) protocol defined in [FC-GS-5]. A server session is delimited by CT protocol requests, Server Session Begin (SSB) and Server Session End (SSE), which are directed to the Management Service and which have the GS_Subtype specifying the Zone Server. Query requests that result in read access to the Zoning Database are not required to be issued inside a server session, although the information returned is not guaranteed to be consistent when supplied outside of a server session. When setting up a server session for Enhanced Zoning, the Zone Server is required to lock the Fabric. This ensures serialized management access to the Zoning Database and guarantees a deterministic behavior. The switch that receives the SSB request is called the 'managing' switch, and it tries to lock the Fabric using the Fabric Management Session Protocol (see section 10.6 of [FC-SW-4]) by sending an Acquire Change Authorization (ACA) request to all other switches in the Fabric. If any switch(es) respond with an SW_RJT indicating failure, then the attempt to lock the Fabric fails and the SSB request is rejected. If all the other switches respond with an SW_ACC indicating success, then the Fabric is locked and the server session can be established. The subsequent SSE request causes a Release Change Authorization (RCA) request to all other switches, and thus, the Fabric to be unlocked. For at least one application other than Zoning, the managing switch uses a different type of request to lock the Fabric, i.e., it sends an Enhanced Acquire Change Authorization (EACA) request to all other switches in the Fabric. An EACA reserves local resources associated with a designated application to ensure the consistency of that application's data. The application is identified in the EACA using an Application_ID (see Table 116 in [FC-SW-4]). A lock that was established via an EACA is released using an Enhanced Release Change Authorization (ERCA) request. DeSanti, et al. Standards Track [Page 6]
RFC 4936 FC Zone Server MIB August 2007 Changes requested in a Zoning Database by Enhanced Zoning commands persist after the end of the Zoning (server) session only if the commands are followed, within the same server session, by a Commit Zone Changes (CMIT) request. On receipt of a CMIT request, the Zone Server checks that the Zoning Database as modified by the outstanding changes will pass the applicable consistency checks, and then distributes it to all other switches in the Fabric using a Stage Fabric Configuration Update (SFC) request. If all other switches accept the SFC request, then the "managing" switch sends an Update Fabric Configuration (UFC) Request to each other switch, and the staged Zoning Database thereby becomes the Fabric's (active) Zoning Database. The latest standard for an interconnecting Fabric containing multiple Fabric Switch elements is [FC-SW-4]. [FC-SW-4] carries forward the earlier specification for the operation of a single Fabric in a physical infrastructure, and augments it with the definition of Virtual Fabrics and with the specification of how multiple Virtual Fabrics can operate within one (or more) physical infrastructures. The use of Virtual Fabrics provides for each frame to be tagged in its header to indicate which one of several Virtual Fabrics that frame is being transmitted on. All frames entering a particular "Core Switch" [FC-SW-4] (i.e., a physical switch) on the same Virtual Fabric are processed by the same "Virtual Switch" within that Core switch. 4. Relationship to Other MIBs The Fibre Channel Management MIB [RFC4044] defines basic information for Fibre Channel hosts and switches, including extensions to the standard IF-MIB [RFC2863] for Fibre Channel interfaces. This MIB extends beyond [RFC4044] to cover the management of Fibre Channel Zoning Servers, both for Basic Zoning Management and for Enhanced Zoning Management, as defined in the FC-GS-5 specification. This MIB imports some common Textual Conventions from T11-TC-MIB, defined in [RFC4439]. It also imports a TC from T11-FC-NAME-SERVER- MIB, defined in [RFC4438], plus InetAddressType and InetAddress from INET-ADDRESS-MIB [RFC4001]. It also includes a reference to snmpCommunitySecurityName defined in [RFC3584]. DeSanti, et al. Standards Track [Page 7]
RFC 4936 FC Zone Server MIB August 2007 5. MIB Overview This document defines two MIB modules: T11-FC-FABRIC-LOCK-MIB and T11-FC-ZONE-SERVER-MIB. T11-FC-FABRIC-LOCK-MIB supports FC-GS-5's generic capability of locking the Fabric for a particular "application" such as (the management of) Enhanced Zoning. The MIB contains one table in which each entry represents a particular switch being the 'managing' switch of a particular application's Fabric lock. T11-FC-ZONE-SERVER-MIB is specific to the operation of Zone Servers, which can operate in Basic mode or in Enhanced mode. This MIB module imports the T11NsGs4RejectReasonCode textual convention defined in T11-FC-NAME-SERVER-MIB [RFC4438]. 5.1. Fibre Channel Management Instance A Fibre Channel management instance is defined in [RFC4044] as a separable managed instance of Fibre Channel functionality. Fibre Channel functionality may be grouped into Fibre Channel management instances in whatever way is most convenient for the implementation(s). For example, one such grouping accommodates a single SNMP agent having multiple AgentX [RFC2741] sub-agents, with each sub-agent implementing a different Fibre Channel management instance. The object, fcmInstanceIndex, is IMPORTed from the FC-MGMT-MIB [RFC4044] as the index value to uniquely identify each Fibre Channel management instance, for example, within the same SNMP context ([RFC3411], section 3.3.1). 5.2. Switch Index The FC-MGMT-MIB [RFC4044] defines the fcmSwitchTable as a table of information about Fibre Channel switches that are managed by Fibre Channel management instances. Each Fibre Channel management instance can manage one or more Fibre Channel switches. The Switch Index, fcmSwitchIndex, is IMPORTed from the FC-MGMT-MIB as the index value to uniquely identify a Fibre Channel switch amongst those (one or more) managed by the same Fibre Channel management instance. 5.3. Fabric Index Whether operating on a physical Fabric (i.e., without Virtual Fabrics) or within a Virtual Fabric, the operation of a Zone Server within a Fabric is identical. Therefore, this MIB defines all Fabric-related information in tables that are INDEXed by an arbitrary DeSanti, et al. Standards Track [Page 8]
RFC 4936 FC Zone Server MIB August 2007 integer, named a "Fabric Index", having the syntax, T11FabricIndex, which is IMPORTed from the T11-TC-MIB [RFC4439]. When a device is connected to a single physical Fabric, without use of any Virtual Fabrics, the value of this Fabric Index will always be 1. In an environment of multiple virtual and/or physical Fabrics, this index provides a means to distinguish one Fabric from another. It is quite possible, and may even be likely, that a Fibre Channel switch will have ports connected to multiple virtual and/or physical Fabrics. Thus, in order to simplify a management protocol query concerning all the Fabrics to which a single switch is connected, fcmSwitchIndex will be listed before an object with FabricIndex as its syntax when both appear in the same INDEX clause. 5.4. Locking the Fabric The T11-FC-FABRIC-LOCK-MIB module provides for the management of locks on a Fibre Channel Fabric. A Fibre Channel Fabric lock is used to ensure serialized access to some types of management data related to a Fabric, e.g., the Fabric's Zoning Database. Some (managing) applications obtain a lock by initiating server sessions and the Fabric is locked so as to reserve local resources in each Switch. For this usage, the managing switch sends an Acquire Change Authorization (ACA) request to other switches in order to lock the Fabric. For some other applications, a managing switch locks the Fabric using an Enhanced Acquire Change Authorization (EACA) request, which identifies the application on whose behalf the Fabric is being locked with an Application_ID. In this case, only local resources associated with the designated application are reserved. Locks established via ACAs and via EACAs are both represented in the t11FLockTable in the T11-FC-FABRIC-LOCK-MIB. The Application_ID provided by the EACA serves to distinguish between multiple concurrent locks established by EACAs. In order to use this same mechanism to distinguish a lock established via an ACA from each of those established via EACAs, an additional (special) value of Application_ID has been assigned [APPL-ID] for use by this MIB module. Specifically, this newly assigned value will never be used to indicate an Application locked by an EACA, and therefore this MIB module uses it to uniquely distinguish a lock established via an ACA. In other words, with this additional assignment, an Application_ID value can be used to uniquely identify any active lock amongst all those established (on the same Fabric) either by an EACA or an ACA. DeSanti, et al. Standards Track [Page 9]
RFC 4936 FC Zone Server MIB August 2007 5.5. Basic and Enhanced Modes The t11ZsServerOperationMode object indicates whether a Fabric's Zone Server is operating in Basic mode or Enhanced mode. These two modes have a sufficient amount of commonality to make it worthwhile to have one set of MIB objects that are used for the subset of functionality that is common to both modes. To accommodate the differences, additional MIB objects are defined. For Enhanced mode, the additional objects are defined in a group, t11ZsEnhancedModeGroup, which is only required to be implemented in a Zone Server capable of supporting Enhanced mode. The objects specific to Basic mode are always (even in Enhanced mode) expected to be implemented, but when in Enhanced mode, their values are either restricted or do not affect current operations, e.g., - an example of "restricted" is: the distribution of updates to the Zone Server database throughout the Fabric has to be requested explicitly in Basic mode; this functionality is provided in the MIB by the t11ZsServerDistribute object. In contrast, in Enhanced mode, the distribution is an implicit part of the commit function which is initiated using the t11ZsServerCommit object. Thus, when operating in Enhanced mode, t11ZsServerDistribute has a fixed value, and when operating in Basic mode, t11ZsServerCommit has a fixed value. - an example of "do not affect current operations" is: t11ZsServerHardZoning, which specifies whether a switch enforces hard Zoning on a Fabric when in Basic mode. This object is instantiated and could even be modified while in Enhanced mode, but its value only takes effect when in Basic mode. (Note that in Enhanced mode, t11ZsActiveZoneHardZoning specifies whether hard Zoning is enabled on a particular Zone.) 5.6. Persistent Storage A Zone Server Database for a given Fabric consists of the combination of many of the tables defined in this MIB module. In order to ensure that such a Database is consistent, this MIB module defines just one object (t11ZsServerDatabaseStorageType) with a syntax of StorageType, whose value for a given Fabric is defined to be applicable to all of that Fabric's Zone Server Database as defined in all the tables in this MIB module. DeSanti, et al. Standards Track [Page 10]
RFC 4936 FC Zone Server MIB August 2007 5.7. The Active Zone Set and the Zone Set Database As described in FC-GS-5 [FC-GS-5], one of the Zone Sets in the Zone Set Database can be activated to become the Active Zone Set, i.e., the one which is enforced on the Fabric. Get/Add/Remove-type requests are defined in FC-GS-5 to allow access to the Zone Set Database. When the Zone Set Database is modified, such modifications don't affect the Active Zone Set unless and until a subsequent activation. Interaction directly with the Active Zone Set is also possible via the FC-GS-5 requests: 'Activate Direct' and 'Get Active Zone Set'. This is illustrated in the following rendition of Figure 15 of [FC-GS-5]: Zone Set Database +------------------+ | +--------------+ | Get | | Zone Set A | | <=========| |(zones, zone | | | | members,etc.)| | | +--------------+ | Add/ | | Zone Set B | | Activate +------------+ Remove | +------------+ | Zone Set | | =========>| |Zone Set C| |================>| | | +----------+ | | Active | +------------------+ | Zone | | Set | Get Active Zone Set | (enforced) | <==============================================| | | | Activate Direct | | ==============================================>| | | | Deactivate | | ==============================================>| | +------------+ The T11-FC-ZONE-SERVER-MIB module, defined in section 7, models the above structure by having one set of MIB tables for the Zone Set Database and a separate set for the Active Zone Set, specifically: - seven tables for the Zone Set Database: t11ZsSetTable, t11ZsZoneTable, t11ZsSetZoneTable, t11ZsAliasTable, t11ZsZoneMemberTable, t11ZsAttribBlockTable and t11ZsAttribTable. - four tables for the Active Zone Set: t11ZsActiveTable, t11ZsActiveZoneTable, t11ZsActiveZoneMemberTable and t11ZsActiveAttribTable. DeSanti, et al. Standards Track [Page 11]
RFC 4936 FC Zone Server MIB August 2007 5.8. Conformance Groups 5.8.1. The t11ZsBasicGroup This group contains objects to retrieve and to modify the Zoning configuration of a Zone Server capable of operating in Basic mode. 5.8.2. The t11ZsEnhancedModeGroup This group contains objects to retrieve and to modify the Zoning configuration of a Zone Server capable of operating in Enhanced mode. 5.8.3. The t11ZsActivateGroup This group contains objects that allow a Zone Set to be activated via SNMP SetRequests and provide the status and result of such an activation. 5.8.4. The t11ZsStatisticsGroup This group contains objects for collecting Zone Server statistics. 5.8.5. The t11ZsNotificationGroup This group contains notifications for monitoring: Zone merge successes and failures, Zone Server request rejections, changes in the Default Zoning behavior, and the success or failure of an attempt to activate or deactivate a Zone Set. 5.8.5.1. Flow-Control for Notifications When defining SNMP notifications for events that occur in the data- plane, the maximum frequency of their generation needs to be considered. Unless there is some limiting factor, such notifications need to be flow-controlled in some way, e.g., defined such that after some maximum number have occurred within a specified time interval, further notifications are suppressed for some subsequent time interval. However, as and when such a suppression occurs, the Network Management System (NMS) that didn't receive the notifications (because they were suppressed) needs an indication of how many were suppressed. Therefore, an additional Counter32 object needs to be defined, and/or a new type of notification needs to be defined for use at the end of the interval. While this is extra complexity, it is necessary for notifications that need to be flow-controlled. In contrast, for notifications such as all those defined in this MIB module, which are generated due to control-plane events (and are not able to start a chain reaction): DeSanti, et al. Standards Track [Page 12]
RFC 4936 FC Zone Server MIB August 2007 - estimating the maximum number that could be generated per unit time for each type of notification is too simplistic. For example, it's unreasonable to ask how many of the t11ZsDefZoneChangeNotify notifications can be generated in a time interval because it depends on several factors: how many operators can be re- configuring the network at the same time? and how frequently can each of them change the Default Zone Setting? - the extra complexity of flow-controlling these types of notifications is not warranted. 5.8.6. The t11ZsNotificationControlGroup This group contains objects that allow each type of notification (in the t11ZsNotificationGroup group) to be independently enabled or disabled. It also contains objects that are used to include useful information in those notifications; these objects are defined as read-only to allow the values contained in the most recent notification to be queried. 6. The T11-FC-FABRIC-LOCK-MIB Module T11-FC-FABRIC-LOCK-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, mib-2 FROM SNMPv2-SMI -- [RFC2578] RowStatus FROM SNMPv2-TC -- [RFC2579] MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- [RFC2580] InetAddressType, InetAddress FROM INET-ADDRESS-MIB -- [RFC4001] fcmInstanceIndex, fcmSwitchIndex FROM FC-MGMT-MIB -- [RFC4044] T11NsGs4RejectReasonCode FROM T11-FC-NAME-SERVER-MIB -- [RFC4438] T11FabricIndex FROM T11-TC-MIB; -- [RFC4439] t11FabricLockMIB MODULE-IDENTITY LAST-UPDATED "200706270000Z" ORGANIZATION "For the initial versions, T11. For later versions, the IETF's IMSS Working Group." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com Keith McCloghrie DeSanti, et al. Standards Track [Page 13]
RFC 4936 FC Zone Server MIB August 2007 Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: kzm@cisco.com" DESCRIPTION "The MIB module for the management of locks on a Fibre Channel Fabric. A Fibre Channel Fabric lock is used to ensure serialized access to some types of management data related to a Fabric, e.g., the Fabric's Zoning Database. Some (managing) applications generate Fabric locks by initiating server sessions. Server sessions are defined generically in FC-GS-5 to represent a collection of one or more requests to the session's server, e.g., to the Zone Server. Such a session is started by a Server Session Begin (SSB) request, and terminated by a Server Session End (SSE) request. The switch receiving the SSB is called the 'managing' switch. Some applications require the 'managing' switch to lock the Fabric for the particular application, e.g., for Enhanced Zoning, before it can respond successfully to the SSB. On receipt of the subsequent SSE, the lock is released. For this usage, the managing switch sends an Acquire Change Authorization (ACA) request to other switches to lock the Fabric. For some other applications, a managing switch locks the Fabric using an Enhanced Acquire Change Authorization (EACA) request, which identifies the application on whose behalf the Fabric is being locked with an Application_ID. Fabric locks can also be requested more directly, e.g., through the use of this MIB. In these situations, the term 'managing' switch is used to indicate the switch that receives such a request and executes it by issuing either ACA or EACA requests to other switches in the Fabric. This MIB module defines information about the 'managing' switch for currently-active Fabric locks. Copyright (C) The IETF Trust (2007). This version of this MIB module is part of RFC 4936; see the RFC itself for full legal notices." REVISION "200706270000Z" DESCRIPTION "Initial version of this MIB module, published as RFC 4936." ::= { mib-2 159 } DeSanti, et al. Standards Track [Page 14]
RFC 4936 FC Zone Server MIB August 2007 t11FLockMIBObjects OBJECT IDENTIFIER ::= { t11FabricLockMIB 1 } t11FLockMIBConformance OBJECT IDENTIFIER ::= { t11FabricLockMIB 2 } t11FLockMIBNotifications OBJECT IDENTIFIER ::= { t11FabricLockMIB 0 } t11FLockConfiguration OBJECT IDENTIFIER ::= { t11FLockMIBObjects 1 } -- -- The table of Managing Switches and their Fabric Locks -- t11FLockTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FLockEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the 'managing' switch of each current Fabric lock, e.g., for the types of Servers defined in FC-GS-5. Each entry in this table represents either: 1) a current Fabric lock, 2) an in-progress attempt, requested via SNMP, to set up a lock, or 3) a failed attempt, requested via SNMP, to set up a lock. If an entry is created via t11FLockRowStatus, but the attempt to obtain the lock fails, then the entry continues to exist until it is deleted via t11FLockRowStatus, or it is overwritten by the lock being established via a means other than SNMP. However, rows created via t11FLockRowStatus are not retained over restarts." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, sections 4.9.5 and 6.4.10.2." ::= { t11FLockConfiguration 1 } t11FLockEntry OBJECT-TYPE SYNTAX T11FLockEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information specific to a current Fabric lock set up by a particular 'managing' switch on a particular Fabric. The 'managing switch' is identified by values of fcmInstanceIndex and fcmSwitchIndex. Server sessions for several different types of servers are defined in FC-GS-5. The behavior of a server with DeSanti, et al. Standards Track [Page 15]
RFC 4936 FC Zone Server MIB August 2007 respect to commands received within a server session is specified for each type of server. For some types, parameter changes can only be made within the context of a session, and the setting up of a session requires that the Fabric be locked. A Fabric is locked by one switch, called the 'managing' switch, sending Acquire Change Authorization (ACA) requests to all other switches in the Fabric. For other applications, a Fabric lock is established by the 'managing' switch sending Enhanced Acquire Change Authorization (EACA) requests to other switches in the Fabric. Each EACA request includes an Application_ID value to identify the application requesting the lock. For the benefit of this MIB module, a distinct value of Application_ID has also been assigned/reserved (see ANSI INCITS T11/06-679v0, titled 'FC-SW-5 Letter to T11.5') as a means of distinguishing locks established via Acquire Change Authorization (ACA) requests. This additional assignment allows an Application_ID to be used to uniquely identify any active lock amongst all those established by either an EACA or an ACA. Whenever a Fabric is locked, by the sending of either an ACA or an EACA, a row gets created in the representation of this table for the 'managing' switch. In order to process SNMP SetRequests that make parameter changes for the relevant types of servers (e.g., to the Zoning Database), the SNMP agent must get serialized access to the Fabric (for the relevant type of management data), i.e., the Fabric must be locked by creating an entry in this table via an SNMP SetRequest. Creating an entry in this table via an SNMP SetRequest causes an ACA or an EACA to be sent to all other switches in the Fabric. The value of t11FLockApplicationID for such an entry determines whether an ACA or an EACA is sent. If an entry in this table is created by an SNMP SetRequest, the value of the t11FLockInitiatorType object in that entry will normally be 'snmp'. A row for which the value of t11FLockInitiatorType is not 'snmp' cannot be modified via SNMP. In particular, it cannot be deleted via t11FLockRowStatus. Note that it's possible for a row to be created by an SNMP SetRequest, but for the setup of the lock to fail, and immediately thereafter be replaced by a lock successfully set up by some other means; in such a case, the value of t11FLockInitiatorType would change as and when the DeSanti, et al. Standards Track [Page 16]
RFC 4936 FC Zone Server MIB August 2007 lock was set up by the other means, and so the row could not thereafter be deleted via t11FLockRowStatus. FC-GS-5 mentions various error situations in which a Fabric lock is released so as to avoid a deadlock. In such situations, the agent removes the corresponding row in this table as and when the lock is released. This can happen for all values of t11FLockInitiatorType." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, sections 4.9.5.5 and 6.4.7.1. Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, sections 6.1.17, 10.6.6, and 13.2, and table 116. 'FC-SW-5 Letter to T11.5' ANSI INCITS T11/06-679v0, http://www.t11.org/ftp/t11/pub/fc/sw-5/06-679v0.pdf, 21 September 2006." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11FLockFabricIndex, t11FLockApplicationID } ::= { t11FLockTable 1 } T11FLockEntry ::= SEQUENCE { t11FLockFabricIndex T11FabricIndex, t11FLockApplicationID OCTET STRING, t11FLockInitiatorType INTEGER, t11FLockInitiator OCTET STRING, t11FLockInitiatorIpAddrType InetAddressType, t11FLockInitiatorIpAddr InetAddress, t11FLockStatus INTEGER, t11FLockRejectReasonCode T11NsGs4RejectReasonCode, t11FLockRejectReasonCodeExp OCTET STRING, t11FLockRejectReasonVendorCode OCTET STRING, t11FLockRowStatus RowStatus } t11FLockFabricIndex OBJECT-TYPE SYNTAX T11FabricIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index value that uniquely identifies a particular Fabric. In a Fabric conformant to FC-SW-4, multiple Virtual Fabrics can operate within one (or more) physical infrastructures, and this index value is used to uniquely identify a DeSanti, et al. Standards Track [Page 17]
RFC 4936 FC Zone Server MIB August 2007 particular (physical or virtual) Fabric within a physical infrastructure. In a Fabric conformant to versions earlier than FC-SW-4, only a single Fabric could operate within a physical infrastructure, and thus, the value of this Fabric Index was defined to always be 1." ::= { t11FLockEntry 1 } t11FLockApplicationID OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Application_ID value that identifies the type of application for which the Fabric is locked. A lock established via Acquire Change Authorization (ACA) does not, strictly speaking, have an Application_ID value. However, the value 'FF'h (255 decimal) has been reserved by T11 to be used as the value of this MIB object as and when a lock is established by an ACA. This value was initially documented in a letter from the FC-SW-5 Editor to T11.5, which was approved by the T11 and T11.5 plenary meetings on October 5, 2006." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, Table 116. 'FC-SW-5 Letter to T11.5' ANSI INCITS T11/06-679v0, http://www.t11.org/ftp/t11/pub/fc/sw-5/06-679v0.pdf, 21 September 2006." ::= { t11FLockEntry 2 } t11FLockInitiatorType OBJECT-TYPE SYNTAX INTEGER { other(1), ssb(2), cli(3), snmp(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies what type of initiator generated the request that caused this lock to be established: other - none of the following. DeSanti, et al. Standards Track [Page 18]
RFC 4936 FC Zone Server MIB August 2007 ssb - this lock was established due to the receipt of an SSB, e.g., from a GS-5 client. cli - this lock was established in order to process a Command Line Interface (CLI) command. snmp - this lock was established as a result of an SNMP SetRequest. " ::= { t11FLockEntry 3 } t11FLockInitiator OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the initiator whose request caused this lock to be established. If the value of the corresponding instance of t11FLockInitiatorType is 'ssb', this object will contain the FC_ID of the client that issued the Server Session Begin (SSB) that required the lock to be established. If the value of the corresponding instance of t11FLockInitiatorType object is 'cli', this object will contain the user name of the CLI (Command Line Interface) user on whose behalf the lock was established. If the value of the corresponding instance of t11FLockInitiatorType is 'snmp', this object will contain the SNMP securityName used by the SNMPv3 message containing the SetRequest that created this row. (If the row was created via SNMPv1 or SNMPv2c, then the appropriate value of the snmpCommunitySecurityName is used.)" REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 4.9.5.2. SNMP securityName is defined in RFC 3411, 'An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks'. snmpCommunitySecurityName is defined in RFC 3584, 'Coexistence between Version 1, Version 2, and DeSanti, et al. Standards Track [Page 19]
RFC 4936 FC Zone Server MIB August 2007 Version 3 of the Internet-standard Network Management Framework.'" ::= { t11FLockEntry 4 } t11FLockInitiatorIpAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the type of IP address contained in the corresponding instance of t11FLockInitiatorIpAddr. If the IP address of the location of the initiator is unknown or not applicable, this object has the value: 'unknown'." ::= { t11FLockEntry 5 } t11FLockInitiatorIpAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the IP address of the location of the initiator that established this lock via a request of the type given by the corresponding instance of t11FLockInitiatorType. In cases where the corresponding instance of t11FLockInitiatorIpAddrType has the value: 'unknown', the value of this object is the zero-length string." ::= { t11FLockEntry 6 } t11FLockStatus OBJECT-TYPE SYNTAX INTEGER { active(1), settingUp(2), rejectFailure(3), otherFailure(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object gives the current status of the lock: 'active' -- the lock is currently established. 'settingUp' -- the 'managing' switch is currently attempting to set up the lock, e.g., it is waiting to receive Accepts for ACAs from every switch in the Fabric. DeSanti, et al. Standards Track [Page 20]
RFC 4936 FC Zone Server MIB August 2007 'rejectFailure' -- the 'managing' switch's attempt to set up the lock was rejected with the reason codes given by: t11FLockRejectReasonCode, t11FLockRejectReasonCodeExp and t11FLockRejectReasonVendorCode. 'otherFailure' -- the 'managing' switch's attempt to set up the lock failed (but no reason codes are available). For values of t11FLockInitiatorType other than 'snmp', a row is only required to be instantiated in this table when the value of this object is 'active'. If the value of the corresponding instance of t11FLockInitiatorType is 'snmp', the initial value of this object when the row is first created is 'settingUp'. As and when the setup succeeds, the value transitions to 'active'. If the setup fails, the value transitions to either 'rejectFailure' or 'otherFailure'. Note that such a failure value is overwritten on the next attempt to obtain the lock, which could be immediately after the failure, e.g., by a GS-5 client. When the value of this object is 'rejectFailure', the rejection's reason codes are given by the corresponding values of t11FLockRejectReasonCode, t11FLockRejectReasonCodeExp and t11FLockRejectReasonVendorCode." ::= { t11FLockEntry 7 } t11FLockRejectReasonCode OBJECT-TYPE SYNTAX T11NsGs4RejectReasonCode MAX-ACCESS read-only STATUS current DESCRIPTION "When the value of the corresponding instance of t11FLockStatus is 'rejectFailure', this object contains the rejection's reason code." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 4.4.4 and table 10." ::= { t11FLockEntry 8 } t11FLockRejectReasonCodeExp OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0 | 1)) MAX-ACCESS read-only STATUS current DeSanti, et al. Standards Track [Page 21]
RFC 4936 FC Zone Server MIB August 2007 DESCRIPTION "When the value of the corresponding instance of t11FLockStatus is 'rejectFailure', this object contains the rejection's reason code explanation." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, sections 4.4.4 and 6.4.9, tables 10 and 252." ::= { t11FLockEntry 9 } t11FLockRejectReasonVendorCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0 | 1)) MAX-ACCESS read-only STATUS current DESCRIPTION "When the value of the corresponding instance of t11FLockStatus is 'rejectFailure', this object contains the rejection's vendor-specific code." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 4.4.4." ::= { t11FLockEntry 10 } t11FLockRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. A row in this table can be modified or deleted via this object only when the row's value of t11FLockInitiatorType is 'snmp'." ::= { t11FLockEntry 11 } -- Conformance t11FLockMIBCompliances OBJECT IDENTIFIER ::= { t11FLockMIBConformance 1 } t11FLockMIBGroups OBJECT IDENTIFIER ::= { t11FLockMIBConformance 2 } t11FLockMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that support Fabric locks in support of GS-5 Server applications." MODULE MANDATORY-GROUPS { t11FLockActiveGroup } DeSanti, et al. Standards Track [Page 22]
RFC 4936 FC Zone Server MIB August 2007 OBJECT t11FLockRowStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { t11FLockMIBCompliances 1 } -- Units of Conformance t11FLockActiveGroup OBJECT-GROUP OBJECTS { t11FLockInitiatorType, t11FLockInitiator, t11FLockInitiatorIpAddrType, t11FLockInitiatorIpAddr, t11FLockStatus, t11FLockRejectReasonCode, t11FLockRejectReasonCodeExp, t11FLockRejectReasonVendorCode, t11FLockRowStatus } STATUS current DESCRIPTION "A collection of objects containing information about current Fabric locks." ::= { t11FLockMIBGroups 1 } END DeSanti, et al. Standards Track [Page 23]
RFC 4936 FC Zone Server MIB August 2007 7. The T11-FC-ZONE-SERVER-MIB Module T11-FC-ZONE-SERVER-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2, Counter32, Unsigned32 FROM SNMPv2-SMI -- [RFC2578] MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF -- [RFC2580] TEXTUAL-CONVENTION, RowStatus, StorageType, TruthValue, TimeStamp FROM SNMPv2-TC -- [RFC2579] SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411] ifIndex FROM IF-MIB -- [RFC2863] fcmInstanceIndex, fcmSwitchIndex, FcNameIdOrZero, FcDomainIdOrZero FROM FC-MGMT-MIB -- [RFC4044] T11NsGs4RejectReasonCode FROM T11-FC-NAME-SERVER-MIB -- [RFC4438] T11FabricIndex FROM T11-TC-MIB -- [RFC4439] t11FamLocalSwitchWwn FROM T11-FC-FABRIC-ADDR-MGR-MIB; -- [RFC4439] t11ZoneServerMIB MODULE-IDENTITY LAST-UPDATED "200706270000Z" ORGANIZATION "For the initial versions, T11. For later versions, the IETF's IMSS Working Group." CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: kzm@cisco.com" DESCRIPTION "The MIB module for the management of Fibre Channel Zoning Servers, both for Basic Zoning Management and for Enhanced DeSanti, et al. Standards Track [Page 24]
RFC 4936 FC Zone Server MIB August 2007 Zoning Management, as defined in the FC-GS-5 specification. FC-GS-5 defines (in-band) management operations for manipulating the Zone Set Database, some for use in Basic mode (e.g., 'Add Zone Set (AZS)', etc.), and some for use in Enhanced mode (e.g., Create Zone Set (CZS)', etc.). When Enhanced Zoning Management is in use, FC-GS-5 requires that these in-band management operations be rejected unless they are issued within the context of a GS-5 server session. The use of a server session ensures serialized access to the Zoning Database since the Fabric lock for the Zone Server must be obtained as a part of establishing the server session to the Zone Server. Thus, if and when this MIB is used for Enhanced Zoning Management, SNMP SetRequests that request the modification of zoning definitions must be serialized with respect to the GS-5 requests to modify the Zoning Database. This is achieved by requiring that an SNMP management application must first obtain the Fabric lock for the Zone Server before attempting to modify any zoning definitions. The companion T11-FC-FABRIC-LOCK-MIB module is defined as a means of obtaining the Fabric lock for the Zone Server (or any other server). In Enhanced Zoning Management, a Zone Server keeps track of changes requested in the zoning definitions, but does not update its Zone Set Database unless there is (and until there is) a 'commit' operation. To model this behavior, this MIB module assumes that a Zone Server (in Enhanced mode) takes a snapshot of its Zone Set Database as and when the Fabric lock (for the Zone Server application) is obtained; this snapshot is used to create what is herein called the 'copy' database. It is this 'copy' database that is then updated by SNMP SetRequests (while the Fabric is locked). If and when a 'commit' operation is requested (while the Fabric is still locked), the 'copy' database is then used to overwrite the previously committed contents of the Zone Set Database, and the new Zone Set Database is distributed to all other switches in the Fabric. When the lock is released, any changes made that were not 'committed' are discarded. When this MIB is used for Basic Zoning Management, the same set of MIB objects as used for Enhanced mode are used to make changes to the Database of a Zone Server on a particular switch, but the changes take immediate effect at that switch without an explicit commit. The distribution of DeSanti, et al. Standards Track [Page 25]
RFC 4936 FC Zone Server MIB August 2007 those changes to Zone Servers on other switches in the Fabric is subsequently requested through the use of a separate set of MIB objects. The management information specified in this MIB module includes the Zoning Database for each of one or more Fibre Channel Fabrics. A Zoning Database is a combination of the Fabric's Zone Set Database and its Active Zone Set. The Active Zone Set is the Zone Set currently enforced by the Fabric; a Zone Set Database is a database of the Zone Sets available to be activated within a Fabric. All the MIB objects representing a Zone Set Database are modifiable at any time (irrespective of the value of any RowStatus object), whereas all objects representing the Active Zone Set are always read-only (except to deactivate it and/or activate a different one). Copyright (C) The IETF Trust (2007). This version of this MIB module is part of RFC 4936; see the RFC itself for full legal notices." REVISION "200706270000Z" DESCRIPTION "Initial version of this MIB module, published as RFC 4936." ::= { mib-2 160 } t11ZsMIBObjects OBJECT IDENTIFIER ::= { t11ZoneServerMIB 1 } t11ZsMIBConformance OBJECT IDENTIFIER ::= { t11ZoneServerMIB 2 } t11ZsMIBNotifications OBJECT IDENTIFIER ::= { t11ZoneServerMIB 0 } t11ZsConfiguration OBJECT IDENTIFIER ::= { t11ZsMIBObjects 1 } t11ZsStatistics OBJECT IDENTIFIER ::= { t11ZsMIBObjects 2 } -- Textual Conventions T11ZsZoneMemberType ::= TEXTUAL-CONVENTION DISPLAY-HINT "x" STATUS current DESCRIPTION "Represents the addressing mechanism by which a member is identified: 01 - N_Port_Name 02 - Domain_ID and physical port 03 - N_Port_ID 04 - Node_Name 05 - Alias Name 06 - F_Port_Name E0-FF (hex) - Vendor Specific. " DeSanti, et al. Standards Track [Page 26]
RFC 4936 FC Zone Server MIB August 2007 REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.8.3.6." SYNTAX Unsigned32 (0..255) T11ZsRejectReasonExplanation ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The reason code explanation when rejecting a Zone Server request: 'other' - e.g., a reason code assigned too recently to be included in this version of this MIB 'noAdditionalExplanation' - there is no additional explanation 'zonesNotSupported' - Zones are not supported 'zoneSetNameUnknown' - Zone Set name is not known 'noZoneSetActive' - no Zone Set is currently active 'zoneNameUnknown' - Zone name is unknown 'zoneStateUnknown' - state of the Zone is not known 'incorrectPayloadLen' - payload length is not correct 'tooLargeZoneSet' - Zone Set is larger than permitted size 'deactivateZoneSetFailed' - deactivation of Zone Set failed 'reqNotSupported' - request is not supported 'capabilityNotSupported' - capability is not supported 'zoneMemberIDTypeNotSupp' - Zone Member Identifier Type is not supported 'invalidZoneSetDefinition' - Zone Set definition is invalid 'enhancedZoningCmdsNotSupported' - Enhanced Zoning commands are not supported 'zoneSetExists' - Zone Set already exists 'zoneExists' - Zone already exists 'aliasExists' - Zone Alias already exists DeSanti, et al. Standards Track [Page 27]
RFC 4936 FC Zone Server MIB August 2007 'zoneSetUnknown' - Zone Set unknown 'zoneUnknown' - Zone unknown 'aliasUnknown' - Zone Alias unknown 'zoneAliasTypeUnknown' - unknown Zone attribute type 'unableEnhancedMode' - Fabric unable to work in Enhanced Mode 'basicZoningCmdsNotSupported' - Basic Zoning commands are not supported 'zoneAttribObjectExists' - Zone attribute object already exists 'zoneAttribObjectUnknown' - Zone attribute object unknown 'requestInProcess' - request in process 'cmitInProcess' - CMIT in process 'hardEnforcementFailed' - hard enforcement failed 'unresolvedReferences' - unresolved references in the Zone Set Database 'consistencyChecksFailed' - consistency checks failed." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.9." SYNTAX INTEGER { other(1), noAdditionalExplanation(2), zonesNotSupported(3), zoneSetNameUnknown(4), noZoneSetActive(5), zoneNameUnknown(6), zoneStateUnknown(7), incorrectPayloadLen(8), tooLargeZoneSet(9), deactivateZoneSetFailed(10), reqNotSupported(11), capabilityNotSupported(12), zoneMemberIDTypeNotSupp(13), invalidZoneSetDefinition(14), enhancedZoningCmdsNotSupported(15), zoneSetExists(16), zoneExists(17), aliasExists(18), DeSanti, et al. Standards Track [Page 28]
RFC 4936 FC Zone Server MIB August 2007 zoneSetUnknown(19), zoneUnknown(20), aliasUnknown(21), zoneAliasTypeUnknown(22), unableEnhancedMode(23), basicZoningCmdsNotSupported(24), zoneAttribObjectExists(25), zoneAttribObjectUnknown(26), requestInProcess(27), cmitInProcess(28), hardEnforcementFailed(29), unresolvedReferences(30), consistencyChecksFailed(31) } T11ZoningName ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This datatype is a refinement of an SnmpAdminString, and is used to represent a name stored in a Fibre Channel Zoning Data Structure. The value begins with an ASCII letter (upper or lower case) followed by zero or more characters from the set: lower case letters, upper case letters, numbers, and the symbols ($-^_). The value does not include fill bytes." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.8.1." SYNTAX OCTET STRING (SIZE (1..64)) -- -- The table of Zone Servers -- t11ZsServerTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the Zone Servers on each Fabric in one or more switches, and providing the capability to perform operations on their Zone Server databases." ::= { t11ZsConfiguration 1 } DeSanti, et al. Standards Track [Page 29]
RFC 4936 FC Zone Server MIB August 2007 t11ZsServerEntry OBJECT-TYPE SYNTAX T11ZsServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information specific to a Zone Server for a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). The persistence across reboots of writable values in a row of this table is given by the instance of t11ZsServerDatabaseStorageType in that row." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex } ::= { t11ZsServerTable 1 } T11ZsServerEntry ::= SEQUENCE { t11ZsServerFabricIndex T11FabricIndex, t11ZsServerCapabilityObject BITS, t11ZsServerDatabaseStorageType StorageType, t11ZsServerDistribute INTEGER, t11ZsServerCommit INTEGER, t11ZsServerResult INTEGER, t11ZsServerReasonCode T11NsGs4RejectReasonCode, t11ZsServerReasonCodeExp OCTET STRING, t11ZsServerReasonVendorCode OCTET STRING, t11ZsServerLastChange TimeStamp, t11ZsServerHardZoning TruthValue, t11ZsServerReadFromDatabase INTEGER, t11ZsServerOperationMode INTEGER, t11ZsServerChangeModeResult INTEGER, t11ZsServerDefaultZoneSetting INTEGER, t11ZsServerMergeControlSetting INTEGER, t11ZsServerDefZoneBroadcast TruthValue } t11ZsServerFabricIndex OBJECT-TYPE SYNTAX T11FabricIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index value that uniquely identifies a particular Fabric." ::= { t11ZsServerEntry 1 } t11ZsServerCapabilityObject OBJECT-TYPE DeSanti, et al. Standards Track [Page 30]
RFC 4936 FC Zone Server MIB August 2007 SYNTAX BITS { enhancedMode(0), zoneSetDb(1), activateDirect(2), hardZoning(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "This bitmap represents the capability of the switch on this Fabric: 'enhancedMode' - able to support enhanced Zoning mode of operation. 'zoneSetDb' - able to support maintaining of a Zone Set Database. 'activateDirect' - able to support the Activate Direct command. 'hardZoning' - able to support Hard Zoning." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, section 6.1.23.4.4" ::= { t11ZsServerEntry 2 } t11ZsServerDatabaseStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the memory realization, on a particular switch, of the Zone Set database for a particular Fabric. Specifically, each row in the following tables: t11ZsSetTable t11ZsZoneTable t11ZsSetZoneTable t11ZsAliasTable t11ZsZoneMemberTable t11ZsAttribBlockTable t11ZsAttribTable has a StorageType as specified by the instance of this object that is INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and DeSanti, et al. Standards Track [Page 31]
RFC 4936 FC Zone Server MIB August 2007 t11ZsServerFabricIndex. The value of this object is also used to indicate the persistence across reboots of writable values in its row of the t11ZsServerTable, as well as the corresponding row in the t11ZsNotifyControlTable. If an instance of this object has the value 'permanent(4)', the Zone Set database for the given Fabric on the given switch is not required to be writeable." DEFVAL { nonVolatile } ::= { t11ZsServerEntry 3 } t11ZsServerDistribute OBJECT-TYPE SYNTAX INTEGER { noop(1), zoneSetDb(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object can be set only in Basic mode. When set to the value 'zoneSetDb', it requests that the Zone Set database of a particular switch for a particular Fabric be distributed to every other switch in that Fabric, e.g., by using Stage Fabric Configuration Update (SFC) and Update Fabric Configuration (UFC) requests. Setting this object to 'noop' has no effect. When read, the value of this object is always 'noop'. When the corresponding instance of t11ZsServerOperationMode has the value 'enhanced', or when the corresponding instance of t11ZsZoneSetResult has the value 'inProgress', it is inconsistent to try to set the value of this object." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, section 6.1.19.1." ::= { t11ZsServerEntry 4 } t11ZsServerCommit OBJECT-TYPE SYNTAX INTEGER { commitZoneChanges(1), noop(2) } MAX-ACCESS read-write STATUS current DeSanti, et al. Standards Track [Page 32]
RFC 4936 FC Zone Server MIB August 2007 DESCRIPTION "This object is only used in Enhanced mode. In Enhanced mode, it can only be modified when the Fabric lock for the Zone Server on the particular Fabric has been obtained for use by SNMP SetRequests, and even then, only by the SNMP entity identified by the value of corresponding instance of t11FLockInitiator. Setting the object requests an action: commitZoneChanges - requests that the changes made within this session to the Zone Set Database be committed. noop - requests nothing. When read, the value is always 'noop'." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.10.2." ::= { t11ZsServerEntry 5 } t11ZsServerResult OBJECT-TYPE SYNTAX INTEGER { none(1), inProgress(2), success(3), rejectFailure(4), otherFailure(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "In Basic mode, this object indicates the status/result of the last distribution of the Zone Set database that was invoked via the corresponding instance of t11ZsZoneSetDistribute, e.g., the status/result of Stage Fabric Configuration Update (SFC) request(s) used to implement the setting of t11ZsZoneSetDistribute. In Enhanced mode, this object indicates the status/result of the last commit of changes to the Zone Set database that was invoked via the corresponding instance of t11ZsServerCommit. 'none' - no distribution/commit invoked via the corresponding instance of t11ZsZoneSetDistribute (Basic mode) DeSanti, et al. Standards Track [Page 33]
RFC 4936 FC Zone Server MIB August 2007 or t11ZsServerCommit (Enhanced mode). 'inProgress' - distribution/commit is still in progress. 'success' - distribution/commit completed successfully. 'rejectFailure' - distribution/commit failed due to an SW_RJT. 'otherFailure' - distribution/commit failed for some other reason. When the value is 'rejectFailure', the corresponding instances of t11ZsServerReasonCode, t11ZsServerReasonCodeExp and t11ZsServerReasonVendorCode contain the reason codes. " REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.10.2.3." ::= { t11ZsServerEntry 6 } t11ZsServerReasonCode OBJECT-TYPE SYNTAX T11NsGs4RejectReasonCode MAX-ACCESS read-only STATUS current DESCRIPTION "When the corresponding instance of t11ZsZoneSetResult has the value 'rejectFailure', this object contains the rejection's reason code. When the corresponding instance of t11ZsServerResult has a value other than 'rejectFailure', this object should contain the value 'none'." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, section 6.1.3 and tables 4, 5, and 6." ::= { t11ZsServerEntry 7 } t11ZsServerReasonCodeExp OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0 | 1)) MAX-ACCESS read-only STATUS current DESCRIPTION "When the corresponding instance of t11ZsZoneSetResult has the value 'rejectFailure', this object contains the rejection's reason code explanation. When the corresponding instance of t11ZsServerResult has a value other than 'rejectFailure', this object DeSanti, et al. Standards Track [Page 34]
RFC 4936 FC Zone Server MIB August 2007 should contain the zero-length string." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, section 6.1.3 and tables 4, 5, and 6." ::= { t11ZsServerEntry 8 } t11ZsServerReasonVendorCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0 | 1)) MAX-ACCESS read-only STATUS current DESCRIPTION "When the corresponding instance of t11ZsZoneSetResult has the value 'rejectFailure', this object contains the rejection's reason vendor-specific code. When the corresponding instance of t11ZsServerResult has a value other than 'rejectFailure', this object should contain the zero-length string." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, section 6.1.3 and tables 4, 5, and 6." ::= { t11ZsServerEntry 9 } t11ZsServerLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time of the last change (creation, modification, or deletion) to the Zone Set database for the Zone Server for a particular Fabric. If said Zone Set database has not changed since the last re-initialization of the local network management system, then this object will contain a zero value." ::= { t11ZsServerEntry 10 } t11ZsServerHardZoning OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates whether this switch, if and when it is in Basic mode, enforces Hard Zoning on this Fabric." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.10.3.2." DeSanti, et al. Standards Track [Page 35]
RFC 4936 FC Zone Server MIB August 2007 ::= { t11ZsServerEntry 11 } t11ZsServerReadFromDatabase OBJECT-TYPE SYNTAX INTEGER { committedDB(1), copyDB(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "In Enhanced mode, this object specifies whether subsequent SNMP Responses (generated by the local SNMP agent) to operations that read the configuration of Zone Sets, Zones, Members, Aliases and Attributes will reflect the values stored in the current (committed) Zone Set database, or those stored in the 'copy' database. In Basic mode, the value of this object is always 'committedDB' (since there is no 'copy' database in Basic mode). In SNMP agents that don't support write access to the Zone Set database, this object is always 'committedDB' (since the copy database, if it were to exist, would be identical)." DEFVAL { committedDB } ::= { t11ZsServerEntry 12 } t11ZsServerOperationMode OBJECT-TYPE SYNTAX INTEGER { basic(1), enhanced(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "The operational mode of the Zone Server. Setting this object to 'enhanced' is a request that the mode of operation of the Zone Server be Enhanced mode, which is only possible if all devices in the Fibre Channel Fabric are capable of working in Enhanced mode. If not, the request will fail and the corresponding value of t11ZsServerChangeModeResult will so indicate. Setting this object to 'basic' is a request that the mode of operation of the Zone Server be Basic mode. However, such a set may fail while operating in Enhanced mode, since FC-GS-5 makes no provision for changing (back) DeSanti, et al. Standards Track [Page 36]
RFC 4936 FC Zone Server MIB August 2007 to Basic mode. Note that setting this object does not cause or require that the Fabric lock for the Zone Server be obtained. However, when this object has the value 'enhanced', any SNMP SetRequests that attempt to modify the copy database cannot be successful if the Fabric lock has not been obtained or has since been released." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, sections 6.4.10.1.1 and 6.4.10.1.2." DEFVAL { basic } ::= { t11ZsServerEntry 13 } t11ZsServerChangeModeResult OBJECT-TYPE SYNTAX INTEGER { success(1), failure(2), inProgress(3), none(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "When this object has the value of 'success' or 'failure', the value indicates the outcome of the most recent request, invoked via t11ZsServerOperationMode, to change the mode of operation of the Zone Server. When such a request is in progress, this object has the value 'inProgress'. Prior to the first such request, the value of this object is 'none'." ::= { t11ZsServerEntry 14 } t11ZsServerDefaultZoneSetting OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object controls the Enhanced Zoning flag that governs the behavior of the Default Zone on this Fabric. If this object is set to 'permit', then the members of the Default Zone on this Fabric can communicate with each other. DeSanti, et al. Standards Track [Page 37]
RFC 4936 FC Zone Server MIB August 2007 If this object is set to 'deny', then the members of the Default Zone on this Fabric cannot communicate with each other." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.10.1.1." DEFVAL { deny } ::= { t11ZsServerEntry 15 } t11ZsServerMergeControlSetting OBJECT-TYPE SYNTAX INTEGER { allow(1), restrict(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object controls the Enhanced Zoning flag that indicates the Merge Control Setting for this Fabric: 'allow' - a switch may join the Fabric only if its Zoning Database is able to merge with the Fabric's Zoning Database. 'restrict' - a switch may join the Fabric only if its Zoning Database is equal to the Fabric's Zoning Database." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.10.1.1." DEFVAL { allow } ::= { t11ZsServerEntry 16 } t11ZsServerDefZoneBroadcast OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object controls an Enhanced Zoning capability: it indicates whether Broadcast Zoning is enabled on the Default Zone on this Fabric. If this object is set to 'true', then it is enabled. If this object is set to 'false', then it is disabled. If broadcast Zoning is enabled on a Default Zone, then broadcast frames generated by a member in that Default Zone will be restricted to members in that Default Zone." REFERENCE DeSanti, et al. Standards Track [Page 38]
RFC 4936 FC Zone Server MIB August 2007 "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.7.2.2." ::= { t11ZsServerEntry 17 } -- -- The table of Zone Sets -- t11ZsSetTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information on every Zone Set in the Zone Set database of the Zone Servers on each Fabric in one or more switches. In Enhanced mode, changes to a database made via this table are always made to the 'copy' database, but values read from this table reflect the contents of either the 'copy' database or the current (committed) database as indicated by the corresponding value of t11ZsServerReadFromDatabase." ::= { t11ZsConfiguration 2 } t11ZsSetEntry OBJECT-TYPE SYNTAX T11ZsSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about a Zone Set in the Zone Set database of a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). A Zone Set can be created in an existing Zone Set database, and can contain zero or more existing Zones. As and when new Zones are created (as rows in the t11ZsZoneTable), they can be added to a Zone Set by creating an entry for each in the t11ZsSetZoneTable. Deleting a row from this table deletes the Zone Set from the Zone Set database maintained by the Zone Server, but does not otherwise affect the Zone Server. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is DeSanti, et al. Standards Track [Page 39]
RFC 4936 FC Zone Server MIB August 2007 INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsSetIndex } ::= { t11ZsSetTable 1 } T11ZsSetEntry ::= SEQUENCE { t11ZsSetIndex Unsigned32, t11ZsSetName T11ZoningName, t11ZsSetRowStatus RowStatus } t11ZsSetIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of a Zone Set. This object uniquely identifies a Zone Set in the Zone Set database for a particular Fabric on a particular switch." ::= { t11ZsSetEntry 1 } t11ZsSetName OBJECT-TYPE SYNTAX T11ZoningName MAX-ACCESS read-create STATUS current DESCRIPTION "The name of this Zone Set. The t11ZsSetName should be unique within a Fabric. The Zone Set can be renamed at any time (i.e., even when the row in an active state) by setting this object to a new value." ::= { t11ZsSetEntry 2 } t11ZsSetRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. This object cannot be set to 'active' unless the corresponding value of t11ZsSetName is unique within the Fabric's Zone Server database on this switch." ::= { t11ZsSetEntry 3 } DeSanti, et al. Standards Track [Page 40]
RFC 4936 FC Zone Server MIB August 2007 -- -- The table of Zones -- t11ZsZoneTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsZoneEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table gives information on all the Zones in the Zone Set database of the Zone Servers on each Fabric in one or more switches. In Enhanced mode, changes to a database made via this table are always made to the 'copy' database, but values read from this table reflect the contents of either the 'copy' database or the current (committed) database as indicated by the corresponding value of t11ZsServerReadFromDatabase." ::= { t11ZsConfiguration 3 } t11ZsZoneEntry OBJECT-TYPE SYNTAX T11ZsZoneEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about a Zone in the Zone Set database of a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). A Zone can be created in an existing Zone Set database, by first creating an entry in this table, and then adding members to it by creating entries in the t11ZsZoneMemberTable. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsZoneIndex } ::= { t11ZsZoneTable 1 } T11ZsZoneEntry ::= SEQUENCE { t11ZsZoneIndex Unsigned32, t11ZsZoneName T11ZoningName, DeSanti, et al. Standards Track [Page 41]
RFC 4936 FC Zone Server MIB August 2007 t11ZsZoneAttribBlock Unsigned32, t11ZsZoneRowStatus RowStatus } t11ZsZoneIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies this Zone within a particular Fabric's Zone Set database on a particular switch." ::= { t11ZsZoneEntry 1 } t11ZsZoneName OBJECT-TYPE SYNTAX T11ZoningName MAX-ACCESS read-create STATUS current DESCRIPTION "The name of this Zone. The t11ZsZoneName should be unique within a Fabric. The Zone can be renamed by setting this object to a new value." ::= { t11ZsZoneEntry 2 } t11ZsZoneAttribBlock OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the index value of the Zone Attribute Block that contains the Attributes of this Zone. In Enhanced mode, a value of zero indicates this Zone has no Zone Attributes. In Basic mode, this object always has the value of zero." ::= { t11ZsZoneEntry 3 } t11ZsZoneRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. This object cannot be set to 'active' unless the DeSanti, et al. Standards Track [Page 42]
RFC 4936 FC Zone Server MIB August 2007 corresponding value of t11ZsZoneName is unique within the Fabric's Zone Server database on this switch." ::= { t11ZsZoneEntry 4 } -- -- The table specifying the Zones that belong to each Zone Set -- t11ZsSetZoneTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsSetZoneEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies which Zones belong to which Zone Sets in the Zone Set database of the Zone Servers on each Fabric in one or more switches." ::= { t11ZsConfiguration 4 } t11ZsSetZoneEntry OBJECT-TYPE SYNTAX T11ZsSetZoneEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry specifies that a particular Zone (identified by the value of t11ZsZoneIndex) is one of the Zones that form a particular Zone Set (identified by the value of t11ZsSetIndex) in the Zone Set database of a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). When a row in this table exists, it references one row in the t11ZsSetTable and one row in the t11ZsZoneTable. The agent must ensure that both such rows when referenced by an active row in this table, do exist and have a status of 'active', either by refusing to create new rows in this table, or by automatically deleting rows in this table. An 'active' row in this table references one row in the t11ZsSetTable and one in the t11ZsZoneTable. The agent must ensure that all such referenced rows exist with a status of 'active', either by refusing to create new active rows in this table, or by automatically deleting any rows in this table that reference a deleted row. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is DeSanti, et al. Standards Track [Page 43]
RFC 4936 FC Zone Server MIB August 2007 INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsSetIndex, t11ZsZoneIndex } ::= { t11ZsSetZoneTable 1 } T11ZsSetZoneEntry ::= SEQUENCE { t11ZsSetZoneRowStatus RowStatus } t11ZsSetZoneRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row." ::= { t11ZsSetZoneEntry 1 } -- -- The table of Zone Aliases -- t11ZsAliasTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsAliasEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains information about the Zone Aliases in the Zone Set database of the Zone Servers on each Fabric in one or more switches. In Enhanced mode, changes to a database made via this table are always made to the 'copy' database, but values read from this table reflect the contents of either the 'copy' database or the current (committed) database as indicated by the corresponding value of t11ZsServerReadFromDatabase." ::= { t11ZsConfiguration 5 } t11ZsAliasEntry OBJECT-TYPE SYNTAX T11ZsAliasEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about a Zone Alias in the Zone Set database of a particular Fabric (identified by the value of t11ZsServerFabricIndex) on DeSanti, et al. Standards Track [Page 44]
RFC 4936 FC Zone Server MIB August 2007 a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). A Zone Member is added to a Zone Alias by creating an entry in the t11ZsZoneMemberTable pointing to a row of this table via t11ZsAliasIndex, i.e.,: - t11ZsZoneMemberParentType = 'alias', - t11ZsZoneMemberParentIndex = Alias's t11ZsAliasIndex, - t11ZsZoneMemberFormat != '05 - Alias Name', and - t11ZsZoneMemberID = Member's identifier. A Zone Alias is added to a Zone by creating an entry in the t11ZsZoneMemberTable pointing to a row of this table via t11ZsAliasName, i.e.,: - t11ZsZoneMemberParentType = 'zone', and - t11ZsZoneMemberParentIndex = Zone's t11ZsZoneIndex, - t11ZsZoneMemberFormat = '05 - Alias Name', - t11ZsZoneMemberID = Alias's t11ZsAliasName. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsAliasIndex } ::= { t11ZsAliasTable 1 } T11ZsAliasEntry ::= SEQUENCE { t11ZsAliasIndex Unsigned32, t11ZsAliasName T11ZoningName, t11ZsAliasRowStatus RowStatus } t11ZsAliasIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value which uniquely identifies this Zone Alias within the Zone Set database of a particular Fabric on a particular switch." ::= { t11ZsAliasEntry 1 } t11ZsAliasName OBJECT-TYPE SYNTAX T11ZoningName MAX-ACCESS read-create DeSanti, et al. Standards Track [Page 45]
RFC 4936 FC Zone Server MIB August 2007 STATUS current DESCRIPTION "The name of this Zone Alias. The name of the Zone Alias should be unique within a Fabric. The Zone Alias can be renamed by setting this object to a new value if and when it is not in a Zone, i.e., if and only if the current name is not the value of any t11ZsZoneMemberID in the same Zone Set database." ::= { t11ZsAliasEntry 2 } t11ZsAliasRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. This object cannot be set to 'active' unless the corresponding value of t11ZsAliasName is unique within the Fabric's Zone Server database on this switch." ::= { t11ZsAliasEntry 3 } -- -- The table of Zone Members -- t11ZsZoneMemberTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsZoneMemberEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains all members of a Zone/Zone Alias and information about those members in the Zone Set database of the Zone Servers on each Fabric in one or more switches. In Enhanced mode, changes to a database made via this table are always made to the 'copy' database, but values read from this table reflect the contents of either the 'copy' database or the current (committed) database as indicated by the corresponding value of t11ZsServerReadFromDatabase." ::= { t11ZsConfiguration 6 } t11ZsZoneMemberEntry OBJECT-TYPE SYNTAX T11ZsZoneMemberEntry MAX-ACCESS not-accessible DeSanti, et al. Standards Track [Page 46]
RFC 4936 FC Zone Server MIB August 2007 STATUS current DESCRIPTION "Each entry represents the relationship between a member and (one of) its 'parent(s)', i.e., a Zone or Zone Alias to which the member belongs, within a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). A Zone member (other than an alias) is added to a Zone by creating an entry in this table having: - t11ZsZoneMemberParentType = 'zone', and - t11ZsZoneMemberParentIndex = Zone's t11ZsZoneIndex, - t11ZsZoneMemberFormat != '05 - Alias Name', - t11ZsZoneMemberID = Member's identifier. An 'active' row in this table references rows in other tables. The agent must ensure that all such referenced rows exist with a status of 'active', either by refusing to create new active rows in this table, or by automatically deleting any rows in this table that reference a deleted row. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsZoneMemberParentType, t11ZsZoneMemberParentIndex, t11ZsZoneMemberIndex } ::= { t11ZsZoneMemberTable 1 } T11ZsZoneMemberEntry ::= SEQUENCE { t11ZsZoneMemberParentType INTEGER, t11ZsZoneMemberParentIndex Unsigned32, t11ZsZoneMemberIndex Unsigned32, t11ZsZoneMemberFormat T11ZsZoneMemberType, t11ZsZoneMemberID OCTET STRING, t11ZsZoneMemberRowStatus RowStatus } t11ZsZoneMemberParentType OBJECT-TYPE SYNTAX INTEGER { zone(1), -- member belongs to a Zone alias(2) -- member belongs to a Zone Alias } DeSanti, et al. Standards Track [Page 47]
RFC 4936 FC Zone Server MIB August 2007 MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object determines whether this member belongs to a Zone or Zone Alias." ::= { t11ZsZoneMemberEntry 1 } t11ZsZoneMemberParentIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object contains the index value of the Zone or Zone Alias to which this member belongs. If the value of the corresponding instance of t11ZsZoneMemberParentType is 'zone', then this object will contain the value of the t11ZsZoneIndex object of the Zone to which this member belongs. If the value of the corresponding instance of t11ZsZoneMemberParentType is 'alias', then this object will contain the value of the t11ZsAliasIndex object of the Zone Alias to which this member belongs." ::= { t11ZsZoneMemberEntry 2 } t11ZsZoneMemberIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies this Zone Member amongst all Zone Members in the Zone Set database of a particular Fabric on a particular switch." ::= { t11ZsZoneMemberEntry 3 } t11ZsZoneMemberFormat OBJECT-TYPE SYNTAX T11ZsZoneMemberType MAX-ACCESS read-create STATUS current DESCRIPTION "This object identifies the format of the Zone/Zone Alias member's identifier contained in t11ZsZoneMemberID. This object cannot be modified while the corresponding value of t11ZsZoneMemberRowStatus object is 'active'." ::= { t11ZsZoneMemberEntry 4 } DeSanti, et al. Standards Track [Page 48]
RFC 4936 FC Zone Server MIB August 2007 t11ZsZoneMemberID OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object contains the Member Identifier of the Zone or Alias. The interpretation of this object depends on the value of the corresponding instance of t11ZsZoneMemberFormat: - if t11ZsZoneMemberFormat is 'N_Port_Name', then this object contains an N_Port_Name. - if t11ZsZoneMemberFormat is 'Domain_ID and physical port', then this object contains a 4-octet value in network byte order. The first octet is zero, the second octet contains the Domain_ID, and the last 2 octets contain the physical port number. - if t11ZsZoneMemberFormat is 'N_Port_ID', then this object contains the 3-octet Nx_Port FC_ID. - if t11ZsZoneMemberFormat is 'Alias Name', then this object contains the value of t11ZsAliasName for some Alias in the same Zone Set database. - if t11ZsZoneMemberFormat is 'Node_Name', then this object contains an 8-octet Node_Name. - if t11ZsZoneMemberFormat is 'F_Port_Name', then this object contains an 8-octet F_Port_Name. - if t11ZsZoneMemberFormat is one of the 'Vendor Specific' values, then this object contains a value of 1 to 255 octets in a format defined by the relevant vendor. This object cannot be modified while the corresponding value of t11ZsZoneMemberRowStatus object is 'active'." ::= { t11ZsZoneMemberEntry 5 } t11ZsZoneMemberRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. DeSanti, et al. Standards Track [Page 49]
RFC 4936 FC Zone Server MIB August 2007 The corresponding instances of t11ZsZoneMemberID and t11ZsZoneMemberFormat objects must be set before or concurrently with setting this object to 'active'." ::= { t11ZsZoneMemberEntry 6 } -- -- The table of Zone Attribute Blocks -- t11ZsAttribBlockTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsAttribBlockEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table gives information on all the Zone Attributes in the Zone Set database of the Zone Servers on each Fabric in one or more switches. In Enhanced mode, changes to a database made via this table are always made to the 'copy' database, but values read from this table reflect the contents of either the 'copy' database or the current (committed) database as indicated by the corresponding value of t11ZsServerReadFromDatabase." ::= { t11ZsConfiguration 7 } t11ZsAttribBlockEntry OBJECT-TYPE SYNTAX T11ZsAttribBlockEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about a Zone Attribute Block (of Zone Attributes) in the Zone Set database of a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). An 'active' row in this table references a row in the t11ZsAttribBlockTable. The agent must ensure that the referenced rows exists with a status of 'active', either by refusing to create new active rows in this table, or by automatically deleting any rows in this table that reference a deleted row. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is INDEXed by the same values of fcmInstanceIndex, DeSanti, et al. Standards Track [Page 50]
RFC 4936 FC Zone Server MIB August 2007 fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsAttribBlockIndex } ::= { t11ZsAttribBlockTable 1 } T11ZsAttribBlockEntry ::= SEQUENCE { t11ZsAttribBlockIndex Unsigned32, t11ZsAttribBlockName T11ZoningName, t11ZsAttribBlockRowStatus RowStatus } t11ZsAttribBlockIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies this Zone Attribute within the Zone Set database of a particular Fabric on a particular switch." ::= { t11ZsAttribBlockEntry 1 } t11ZsAttribBlockName OBJECT-TYPE SYNTAX T11ZoningName MAX-ACCESS read-create STATUS current DESCRIPTION "The name of this Zone Attribute Block, which should be unique within the Fabric." ::= { t11ZsAttribBlockEntry 2 } t11ZsAttribBlockRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row." ::= { t11ZsAttribBlockEntry 3 } DeSanti, et al. Standards Track [Page 51]
RFC 4936 FC Zone Server MIB August 2007 -- -- The table of Zone Attributes -- t11ZsAttribTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table gives information on the Zone Attributes within the Zone Attribute Blocks in the Zone Set database of the Zone Servers on each Fabric in one or more switches. In Enhanced mode, changes to a database made via this table are always made to the 'copy' database, but values read from this table reflect the contents of either the 'copy' database or the current (committed) database as indicated by the corresponding value of t11ZsServerReadFromDatabase." ::= { t11ZsConfiguration 8 } t11ZsAttribEntry OBJECT-TYPE SYNTAX T11ZsAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains information about a Zone Attribute in a Zone Attribute Block (identified by t11ZsAttribBlockIndex) in the Zone Set database of a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). An entry in this table cannot be created prior to its associated entry in the t11ZsAttribBlockTable. The StorageType of a row in this table is specified by the instance of t11ZsServerDatabaseStorageType that is INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsAttribBlockIndex, t11ZsAttribIndex } ::= { t11ZsAttribTable 1 } T11ZsAttribEntry ::= SEQUENCE { DeSanti, et al. Standards Track [Page 52]
RFC 4936 FC Zone Server MIB August 2007 t11ZsAttribIndex Unsigned32, t11ZsAttribType Unsigned32, t11ZsAttribValue OCTET STRING, t11ZsAttribRowStatus RowStatus } t11ZsAttribIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies this Zone Attribute within its Zone Attribute Block in the Zone Set database of a particular Fabric on a particular switch." ::= { t11ZsAttribEntry 1 } t11ZsAttribType OBJECT-TYPE SYNTAX Unsigned32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of attribute: 0001 - Protocol 0002 - Broadcast Zone 0003 - Hard Zone 00E0 (hex) - Vendor Specific." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.8.3.8, Table 249." ::= { t11ZsAttribEntry 2 } t11ZsAttribValue OBJECT-TYPE SYNTAX OCTET STRING (SIZE (4..252)) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of the attribute, formatted as specified in FC-GS-5 for the type given by the corresponding instance of t11ZsAttribType. Note that FC-GS-5 requires that the length of this value is a multiple of 4 bytes." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.8.3.8." ::= { t11ZsAttribEntry 3 } DeSanti, et al. Standards Track [Page 53]
RFC 4936 FC Zone Server MIB August 2007 t11ZsAttribRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row." ::= { t11ZsAttribEntry 4 } -- -- Activating a Zone Set -- t11ZsActivateTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsActivateEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table provides a mechanism to allow a Zone Set to be activated on a Fabric." ::= { t11ZsConfiguration 9 } t11ZsActivateEntry OBJECT-TYPE SYNTAX T11ZsActivateEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry reflects the state of the activation of a Zone Set by a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex) on a particular Fabric (identified by the value of t11ZsServerFabricIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex } ::= { t11ZsActivateTable 1 } T11ZsActivateEntry ::= SEQUENCE { t11ZsActivateRequest Unsigned32, t11ZsActivateDeactivate INTEGER, t11ZsActivateResult INTEGER, t11ZsActivateFailCause SnmpAdminString, t11ZsActivateFailDomainId FcDomainIdOrZero } t11ZsActivateRequest OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-write STATUS current DESCRIPTION DeSanti, et al. Standards Track [Page 54]
RFC 4936 FC Zone Server MIB August 2007 "Setting this object to a value is a request for a Zone Set to be activated on the Fabric that is represented by this row. The Zone Set to be activated is the one for which t11ZsSetIndex has the same value. If a Zone Set is already active on a Fabric when a request is made to activate a different one on that Fabric, then the existing Zone Set is automatically deactivated and the specified Zone Set is activated in its place. The value of this object when read is always 0." ::= { t11ZsActivateEntry 1 } t11ZsActivateDeactivate OBJECT-TYPE SYNTAX INTEGER { deactivate(1), noop(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to 'deactivate' is a request to deactivate the currently active Zone Set on a Fabric. Note that the deactivation of the active Zone Set allows all ports to communicate or no ports to communicate, depending on the current Default Zone behavior. No action is taken if this object is set to 'noop'. When read, the value of this object is always 'noop'." ::= { t11ZsActivateEntry 2 } t11ZsActivateResult OBJECT-TYPE SYNTAX INTEGER { activateSuccess(1), activateFailure(2), deactivateSuccess(3), deactivateFailure(4), inProgress(5), none(6) } MAX-ACCESS read-only STATUS current DESCRIPTION DeSanti, et al. Standards Track [Page 55]
RFC 4936 FC Zone Server MIB August 2007 "This object indicates the outcome of the most recent activation/deactivation using this entry. When the value of this object is 'inProgress', the values of the corresponding instances of t11ZsActivateRequest and t11ZsActivateDeactivate cannot be modified. The value 'none' indicates activation/deactivation has not been attempted since the last restart of the management system." ::= { t11ZsActivateEntry 3 } t11ZsActivateFailCause OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "A textual message indicating the reason for the most recent failure of a Zone Set activation or deactivation, or the zero-length string if no information is available (e.g., because the corresponding instance of t11ZsActivateResult has the value 'none'). When the corresponding instance of t11ZsActivateResult is either 'activateFailure' or 'deactivateFailure', the value of this object indicates the reason for that failure." ::= { t11ZsActivateEntry 4 } t11ZsActivateFailDomainId OBJECT-TYPE SYNTAX FcDomainIdOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "If the failure cause (as indicated by t11ZsSetFailCause) was specific to a particular device, this object contains the Domain_ID of that device. Otherwise, this object contains zero." ::= { t11ZsActivateEntry 5 } DeSanti, et al. Standards Track [Page 56]
RFC 4936 FC Zone Server MIB August 2007 -- -- t11ZsActiveTable -- t11ZsActiveTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsActiveEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information on the currently enforced/active Zone Set on each Fabric. An active Zone Set cannot be modified. This table will be empty when no Zone Set is activated." ::= { t11ZsConfiguration 10 } t11ZsActiveEntry OBJECT-TYPE SYNTAX T11ZsActiveEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry represents an active Zone Set of a particular Fabric (identified by the value of t11ZsServerFabricIndex), according to a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex } ::= { t11ZsActiveTable 1 } T11ZsActiveEntry ::= SEQUENCE { t11ZsActiveZoneSetName T11ZoningName, t11ZsActiveActivateTime TimeStamp } t11ZsActiveZoneSetName OBJECT-TYPE SYNTAX T11ZoningName MAX-ACCESS read-only STATUS current DESCRIPTION "The name of this Zone Set on this Fabric." ::= { t11ZsActiveEntry 1 } t11ZsActiveActivateTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION DeSanti, et al. Standards Track [Page 57]
RFC 4936 FC Zone Server MIB August 2007 "The value of sysUpTime at which this entry was most recently activated. If this row was activated prior to the last re-initialization of the local network management system, then this object will contain a zero value." ::= { t11ZsActiveEntry 2 } -- -- Zones in the Active/Enforced Zone Set -- t11ZsActiveZoneTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsActiveZoneEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains all the Zones that are present in the active Zone Sets on all Fabrics." ::= { t11ZsConfiguration 11 } t11ZsActiveZoneEntry OBJECT-TYPE SYNTAX T11ZsActiveZoneEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry represents a Zone in the active Zone Set of a particular Fabric (identified by the value of t11ZsServerFabricIndex), according to a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsActiveZoneIndex } ::= { t11ZsActiveZoneTable 1 } T11ZsActiveZoneEntry ::= SEQUENCE { t11ZsActiveZoneIndex Unsigned32, t11ZsActiveZoneName T11ZoningName, t11ZsActiveZoneBroadcastZoning TruthValue, t11ZsActiveZoneHardZoning TruthValue } t11ZsActiveZoneIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies this Zone within the active Zone Set on a particular Fabric." ::= { t11ZsActiveZoneEntry 1 } DeSanti, et al. Standards Track [Page 58]
RFC 4936 FC Zone Server MIB August 2007 t11ZsActiveZoneName OBJECT-TYPE SYNTAX T11ZoningName MAX-ACCESS read-only STATUS current DESCRIPTION "The name of this Zone." ::= { t11ZsActiveZoneEntry 2 } t11ZsActiveZoneBroadcastZoning OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates whether broadcast Zoning is enabled on this Zone. If broadcast Zoning is enabled, then broadcast frames generated by a member in this Zone will be restricted to members in this Zone. This object is only instantiated in Enhanced mode." ::= { t11ZsActiveZoneEntry 3 } t11ZsActiveZoneHardZoning OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates whether hard Zoning is enabled on this Zone. This object is only instantiated in Enhanced mode." ::= { t11ZsActiveZoneEntry 4 } -- -- Zone Members in the Active/Enforced Zone Set -- t11ZsActiveZoneMemberTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsActiveZoneMemberEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains all members of all Zones within the active Zone Set on any Fabric." ::= { t11ZsConfiguration 12 } t11ZsActiveZoneMemberEntry OBJECT-TYPE SYNTAX T11ZsActiveZoneMemberEntry MAX-ACCESS not-accessible DeSanti, et al. Standards Track [Page 59]
RFC 4936 FC Zone Server MIB August 2007 STATUS current DESCRIPTION "Each entry represents a member of a Zone in the active Zone Set of a particular Fabric (identified by the value t11ZsServerFabricIndex), according to a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsActiveZoneIndex, t11ZsActiveZoneMemberIndex } ::= { t11ZsActiveZoneMemberTable 1 } T11ZsActiveZoneMemberEntry ::= SEQUENCE { t11ZsActiveZoneMemberIndex Unsigned32, t11ZsActiveZoneMemberFormat T11ZsZoneMemberType, t11ZsActiveZoneMemberID OCTET STRING } t11ZsActiveZoneMemberIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies this member amongst the members of a particular Zone in the active Zone Set on a particular Fabric." ::= { t11ZsActiveZoneMemberEntry 1 } t11ZsActiveZoneMemberFormat OBJECT-TYPE SYNTAX T11ZsZoneMemberType MAX-ACCESS read-only STATUS current DESCRIPTION "This object identifies the identifier format of the corresponding instance of t11ZsActiveZoneMemberID." ::= { t11ZsActiveZoneMemberEntry 2 } t11ZsActiveZoneMemberID OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "This value of this object identifies the member using the format specified in the corresponding instance of t11ZsActiveZoneMemberFormat." ::= { t11ZsActiveZoneMemberEntry 3 } DeSanti, et al. Standards Track [Page 60]
RFC 4936 FC Zone Server MIB August 2007 -- -- Zone Attributes in the Active/Enforced Zone Set -- t11ZsActiveAttribTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsActiveAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains information about some of the Attributes of the Zones within the active Zone Set on each Fabric. This table contains all the types of attributes that might apply zero, one, or more times to a Zone. Attributes that apply once and only to a Zone are specified in the t11ZsActiveZoneTable. This table will always be empty in Basic mode. It will also be empty if there are no Zones in any active Zone Set having any of the applicable types of attributes." ::= { t11ZsConfiguration 13 } t11ZsActiveAttribEntry OBJECT-TYPE SYNTAX T11ZsActiveAttribEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains an Attribute of a particular Zone in the active Zone Set of a particular Fabric (identified by the value of t11ZsServerFabricIndex), according to a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex, t11ZsActiveZoneIndex, t11ZsActiveAttribIndex } ::= { t11ZsActiveAttribTable 1 } T11ZsActiveAttribEntry ::= SEQUENCE { t11ZsActiveAttribIndex Unsigned32, t11ZsActiveAttribType Unsigned32, t11ZsActiveAttribValue OCTET STRING } t11ZsActiveAttribIndex OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible DeSanti, et al. Standards Track [Page 61]
RFC 4936 FC Zone Server MIB August 2007 STATUS current DESCRIPTION "An index value that uniquely identifies this attribute amongst the other attributes for a particular Zone in the active Zone Set on a particular Fabric." ::= { t11ZsActiveAttribEntry 1 } t11ZsActiveAttribType OBJECT-TYPE SYNTAX Unsigned32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The type of attribute: 0001 - Protocol 00E0 (hex) - Vendor Specific Note that type 2 (Hard) and type 3 (Broadcast) do not need to be represented here, because they are represented by t11ZsActiveZoneBroadcastZoning and t11ZsActiveZoneHardZoning." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.8.3.8, Table 249." ::= { t11ZsActiveAttribEntry 2 } t11ZsActiveAttribValue OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..252)) MAX-ACCESS read-only STATUS current DESCRIPTION "The value of the attribute, formatted according to its type as indicated by the corresponding instance of t11ZsActiveAttribType. As specified in FC-GS-5, the length of an attribute value is at least 4 bytes, and if necessary, the value is appended with zero bytes so that the length is a multiple of 4. For a Vendor-Specific attribute value, the first 8 bytes contain the T10 Vendor ID as described in FC-GS-5." REFERENCE "Fibre Channel - Generic Services-5 (FC-GS-5), ANSI INCITS 427-2007, section 6.4.8.3.8." ::= { t11ZsActiveAttribEntry 3 } DeSanti, et al. Standards Track [Page 62]
RFC 4936 FC Zone Server MIB August 2007 -- -- Zone Server Statistics -- t11ZsStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of statistics maintained by Zone Servers." ::= { t11ZsStatistics 1 } t11ZsStatsEntry OBJECT-TYPE SYNTAX T11ZsStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of statistics for a Zone Server on a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex } ::= { t11ZsStatsTable 1 } T11ZsStatsEntry ::= SEQUENCE { t11ZsOutMergeRequests Counter32, t11ZsInMergeAccepts Counter32, t11ZsInMergeRequests Counter32, t11ZsOutMergeAccepts Counter32, t11ZsOutChangeRequests Counter32, t11ZsInChangeAccepts Counter32, t11ZsInChangeRequests Counter32, t11ZsOutChangeAccepts Counter32, t11ZsInZsRequests Counter32, t11ZsOutZsRejects Counter32 } t11ZsOutMergeRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Merge Request Frames sent by this Zone Server to other Zone Servers in the same Fabric. This counter has no discontinuities other than those DeSanti, et al. Standards Track [Page 63]
RFC 4936 FC Zone Server MIB August 2007 that all Counter32s have when sysUpTime=0." ::= { t11ZsStatsEntry 1 } t11ZsInMergeAccepts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Merge Accept Frames received by this Zone Server from other Zone Servers in the same Fabric. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." ::= { t11ZsStatsEntry 2 } t11ZsInMergeRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Merge Request Frames received by this Zone Server from other Zone Servers in the same Fabric. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." ::= { t11ZsStatsEntry 3 } t11ZsOutMergeAccepts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Merge Accept Frames sent by this Zone Server to other Zone Servers in the same Fabric. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." ::= { t11ZsStatsEntry 4 } t11ZsOutChangeRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of change requests sent (via the Fabric Management Session Protocol) by this Zone Server to other Zone Servers in the same Fabric. DeSanti, et al. Standards Track [Page 64]
RFC 4936 FC Zone Server MIB August 2007 This includes Acquire Change Authorization requests, Stage Fabric Config Update requests, Update Fabric Config requests and Release Change Authorization requests. It also includes the corresponding types of requests defined by the Enhanced Commit Service. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, sections 10.6 and 13." ::= { t11ZsStatsEntry 5 } t11ZsInChangeAccepts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of SW_ACC messages received from other Zone Servers in the same Fabric (according to the Fabric Management Session Protocol) in response to change requests by this Zone Server. This includes SW_ACC messages received in response to Acquire Change Authorization requests, to Stage Fabric Config Update requests, to Update Fabric Config requests, and to Release Change Authorization requests. It also includes responses to the corresponding types of requests defined for the Enhanced Commit Service. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, sections 10.6 and 13." ::= { t11ZsStatsEntry 6 } t11ZsInChangeRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of change requests received (via the Fabric Management Session Protocol) by this Zone Server from other Zone Servers in the same Fabric. This includes Acquire Change Authorization requests, Stage Fabric Config Update requests, Update Fabric Config requests DeSanti, et al. Standards Track [Page 65]
RFC 4936 FC Zone Server MIB August 2007 and Release Change Authorization requests. It also includes the corresponding types of requests defined by the Enhanced Commit Service. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, sections 10.6 and 13." ::= { t11ZsStatsEntry 7 } t11ZsOutChangeAccepts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of SW_ACC messages sent by this Zone Server (according to the Fabric Management Session Protocol) in response to change requests from other Zone Servers in the same Fabric. This includes SW_ACC messages sent in response to Acquire Change Authorization requests, to Stage Fabric Config Update requests, to Update Fabric Config requests and to Release Change Authorization requests. It also includes responses to the corresponding types of requests defined for the Enhanced Commit Service. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." REFERENCE "Fibre Channel - Switch Fabric-4 (FC-SW-4), ANSI INCITS 418-2006, April 2006, sections 10.6 and 13." ::= { t11ZsStatsEntry 8 } t11ZsInZsRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zone Server requests received by this Zone Server on this Fabric, both those received in Basic mode and in Enhanced mode. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." ::= { t11ZsStatsEntry 9 } DeSanti, et al. Standards Track [Page 66]
RFC 4936 FC Zone Server MIB August 2007 t11ZsOutZsRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Zone Server requests rejected by this Zone Server on this Fabric, both those rejected in Basic mode and in Enhanced mode. This counter has no discontinuities other than those that all Counter32s have when sysUpTime=0." ::= { t11ZsStatsEntry 10 } -- -- Notification Control Table -- t11ZsNotifyControlTable OBJECT-TYPE SYNTAX SEQUENCE OF T11ZsNotifyControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of control information for notifications generated due to Zone Server events." ::= { t11ZsConfiguration 14 } t11ZsNotifyControlEntry OBJECT-TYPE SYNTAX T11ZsNotifyControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains notification control information specific to a Zone Server for a particular Fabric (identified by the value of t11ZsServerFabricIndex) on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex). The persistence across reboots of writable values in a row of this table is specified by the instance of t11ZsServerDatabaseStorageType that is INDEXed by the same values of fcmInstanceIndex, fcmSwitchIndex, and t11ZsServerFabricIndex." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11ZsServerFabricIndex } ::= { t11ZsNotifyControlTable 1 } T11ZsNotifyControlEntry ::= SEQUENCE { t11ZsNotifyRequestRejectEnable TruthValue, DeSanti, et al. Standards Track [Page 67]
RFC 4936 FC Zone Server MIB August 2007 t11ZsNotifyMergeFailureEnable TruthValue, t11ZsNotifyMergeSuccessEnable TruthValue, t11ZsNotifyDefZoneChangeEnable TruthValue, t11ZsNotifyActivateEnable TruthValue, t11ZsRejectCtCommandString OCTET STRING, t11ZsRejectRequestSource FcNameIdOrZero, t11ZsRejectReasonCode T11NsGs4RejectReasonCode, t11ZsRejectReasonCodeExp T11ZsRejectReasonExplanation, t11ZsRejectReasonVendorCode OCTET STRING } t11ZsNotifyRequestRejectEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether t11ZsRequestRejectNotify notifications should be generated by the Zone Server for this Fabric." ::= { t11ZsNotifyControlEntry 1 } t11ZsNotifyMergeFailureEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether t11ZsMergeFailureNotify notifications should be generated by the Zone Server for this Fabric." ::= { t11ZsNotifyControlEntry 2 } t11ZsNotifyMergeSuccessEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether t11ZsMergeSuccessNotify notifications should be generated by the Zone Server for this Fabric." ::= { t11ZsNotifyControlEntry 3 } t11ZsNotifyDefZoneChangeEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether t11ZsDefZoneChangeNotify notifications should be generated by the Zone Server DeSanti, et al. Standards Track [Page 68]
RFC 4936 FC Zone Server MIB August 2007 for this Fabric." ::= { t11ZsNotifyControlEntry 4 } t11ZsNotifyActivateEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether t11ZsActivateNotify notifications should be generated by the Zone Server for this Fabric." ::= { t11ZsNotifyControlEntry 5 } t11ZsRejectCtCommandString OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The binary content of the Zone Server request, formatted as an octet string (in network byte order) containing the Common Transport Information Unit (CT_IU), as described in Table 2 of FC-GS-5 (including the preamble), which was most recently rejected by the Fabric Configuration Server for this Fabric. This object contains the zero-length string if and when the CT-IU's content is unavailable. When the length of this object is 255 octets, it contains the first 255 octets of the CT-IU (in network byte order)." ::= { t11ZsNotifyControlEntry 6 } t11ZsRejectRequestSource OBJECT-TYPE SYNTAX FcNameIdOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "The WWN that was the source of the CT_IU contained in the corresponding instance of t11ZsRejectCtCommandString." ::= { t11ZsNotifyControlEntry 7 } t11ZsRejectReasonCode OBJECT-TYPE SYNTAX T11NsGs4RejectReasonCode MAX-ACCESS read-only STATUS current DESCRIPTION DeSanti, et al. Standards Track [Page 69]
RFC 4936 FC Zone Server MIB August 2007 "The reason code corresponding to the most recent rejection of a request by the Zone Server for this Fabric." ::= { t11ZsNotifyControlEntry 8 } t11ZsRejectReasonCodeExp OBJECT-TYPE SYNTAX T11ZsRejectReasonExplanation MAX-ACCESS read-only STATUS current DESCRIPTION "When the value of t11ZsRejectReasonCode is 'Unable to perform command request', this object contains the corresponding reason code explanation." ::= { t11ZsNotifyControlEntry 9 } t11ZsRejectReasonVendorCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1)) MAX-ACCESS read-only STATUS current DESCRIPTION "When the value of t11ZsRejectReasonCode is 'Vendor Specific Error', this object contains the corresponding vendor-specific reason code." ::= { t11ZsNotifyControlEntry 10 } t11ZsFabricIndex OBJECT-TYPE SYNTAX Unsigned32 (0..4096) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "This object contains either a value of T11FabricIndex to identify the Fabric on which some occurrence has caused a notification to be generated, or it has the value 4096 to indicate all applicable Fabrics." ::= { t11ZsConfiguration 15 } DeSanti, et al. Standards Track [Page 70]
RFC 4936 FC Zone Server MIB August 2007 -- Notifications t11ZsRequestRejectNotify NOTIFICATION-TYPE OBJECTS { t11FamLocalSwitchWwn, t11ZsRejectRequestSource, t11ZsRejectCtCommandString, t11ZsRejectReasonCode, t11ZsRejectReasonCodeExp, t11ZsRejectReasonVendorCode } STATUS current DESCRIPTION "This notification is generated whenever a Zone Server (indicated by the value of t11FamLocalSwitchWwn) rejects a request. The value of t11ZsRejectCtCommandString indicates the rejected request, and the values of t11ZsRejectReasonCode, t11ZsRejectReasonCodeExp and t11ZsRejectReasonVendorCode indicate the reason for the rejection. The value of t11ZsRequestClient indicates the source of the request." ::= { t11ZsMIBNotifications 1 } t11ZsMergeFailureNotify NOTIFICATION-TYPE OBJECTS { ifIndex, t11ZsFabricIndex } STATUS current DESCRIPTION "This notification indicates that a Zone merge failure has occurred on the Fabric indicated by the value of t11ZsFabricIndex, on the interface indicated by the value of ifIndex. If multiple Virtual Fabrics are configured on an interface, and all have a Zone merge failure at the same time, then just one notification is generated and t11ZsFabricIndex has the value 4096." ::= { t11ZsMIBNotifications 2 } t11ZsMergeSuccessNotify NOTIFICATION-TYPE OBJECTS { ifIndex, t11ZsFabricIndex } STATUS current DESCRIPTION "This notification indicates that a successful Zone merge has occurred on the Fabric indicated by the value of t11ZsFabricIndex, on the interface indicated by the value of ifIndex. If multiple Virtual Fabrics are configured on an interface, and all have a successful Zone Merge DeSanti, et al. Standards Track [Page 71]
RFC 4936 FC Zone Server MIB August 2007 at the same time, then just one notification is generated and t11ZsFabricIndex has the value 4096." ::= { t11ZsMIBNotifications 3 } t11ZsDefZoneChangeNotify NOTIFICATION-TYPE OBJECTS { t11ZsServerDefaultZoneSetting } STATUS current DESCRIPTION "This notification indicates that the value of a Default Zone Setting has changed. The value of t11ZsServerDefaultZoneSetting contains the value after the change." ::= { t11ZsMIBNotifications 4 } t11ZsActivateNotify NOTIFICATION-TYPE OBJECTS { t11FamLocalSwitchWwn, t11ZsActivateResult } STATUS current DESCRIPTION "This notification is generated whenever a switch (indicated by the value of t11FamLocalSwitchWwn) activates/deactivates a Zone Set on a Fabric. The t11ZsActivateResult object denotes the outcome of the activation/deactivation." ::= { t11ZsMIBNotifications 5 } -- Conformance t11ZsMIBCompliances OBJECT IDENTIFIER ::= { t11ZsMIBConformance 1 } t11ZsMIBGroups OBJECT IDENTIFIER ::= { t11ZsMIBConformance 2 } t11ZsMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that implement the Zone Server." MODULE MANDATORY-GROUPS {t11ZsBasicGroup, t11ZsNotificationControlGroup, t11ZsNotificationGroup } GROUP t11ZsEnhancedModeGroup DESCRIPTION "This group is mandatory only for those systems with Zone Servers that support Enhanced Mode." GROUP t11ZsActivateGroup DESCRIPTION "Only entities that provide write access for activating a Zone Set support need to support DeSanti, et al. Standards Track [Page 72]
RFC 4936 FC Zone Server MIB August 2007 this group." GROUP t11ZsStatisticsGroup DESCRIPTION "These counters, containing Zone Server statistics, are mandatory only for those systems that count such events." OBJECT t11ZsSetRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsZoneRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsSetZoneRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAliasRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsZoneMemberRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAttribBlockRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAttribRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION DeSanti, et al. Standards Track [Page 73]
RFC 4936 FC Zone Server MIB August 2007 "Write access is not required." OBJECT t11ZsServerDatabaseStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerDistribute MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerCommit MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerReadFromDatabase MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerOperationMode MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerDefaultZoneSetting MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerMergeControlSetting MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsServerDefZoneBroadcast MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsSetName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsZoneName DeSanti, et al. Standards Track [Page 74]
RFC 4936 FC Zone Server MIB August 2007 MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsZoneAttribBlock MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAliasName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsZoneMemberFormat MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsZoneMemberID MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAttribBlockName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAttribType MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsAttribValue MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsActivateRequest MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsActivateDeactivate MIN-ACCESS read-only DESCRIPTION "Write access is not required." DeSanti, et al. Standards Track [Page 75]
RFC 4936 FC Zone Server MIB August 2007 OBJECT t11ZsNotifyRequestRejectEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsNotifyMergeFailureEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsNotifyMergeSuccessEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsNotifyDefZoneChangeEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT t11ZsNotifyActivateEnable MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { t11ZsMIBCompliances 1 } -- Units of Conformance t11ZsBasicGroup OBJECT-GROUP OBJECTS { t11ZsServerCapabilityObject, t11ZsServerDatabaseStorageType, t11ZsServerDistribute, t11ZsServerResult, t11ZsServerReasonCode, t11ZsServerReasonCodeExp, t11ZsServerReasonVendorCode, t11ZsServerLastChange, t11ZsServerHardZoning, t11ZsServerReadFromDatabase, t11ZsServerOperationMode, t11ZsSetName, t11ZsSetRowStatus, t11ZsZoneName, t11ZsZoneAttribBlock, t11ZsZoneRowStatus, t11ZsSetZoneRowStatus, t11ZsZoneMemberFormat, DeSanti, et al. Standards Track [Page 76]
RFC 4936 FC Zone Server MIB August 2007 t11ZsZoneMemberID, t11ZsZoneMemberRowStatus, t11ZsActiveZoneSetName, t11ZsActiveActivateTime, t11ZsActiveZoneName, t11ZsActiveZoneMemberFormat, t11ZsActiveZoneMemberID } STATUS current DESCRIPTION "A collection of objects for displaying and updating the Zone configuration of a Zone Server capable of operating in Basic mode." ::= { t11ZsMIBGroups 1 } t11ZsEnhancedModeGroup OBJECT-GROUP OBJECTS { t11ZsServerCommit, t11ZsServerChangeModeResult, t11ZsServerDefaultZoneSetting, t11ZsServerMergeControlSetting, t11ZsServerDefZoneBroadcast, t11ZsAliasName, t11ZsAliasRowStatus, t11ZsAttribBlockName, t11ZsAttribBlockRowStatus, t11ZsAttribType, t11ZsAttribValue, t11ZsAttribRowStatus, t11ZsActiveZoneBroadcastZoning, t11ZsActiveZoneHardZoning, t11ZsActiveAttribType, t11ZsActiveAttribValue } STATUS current DESCRIPTION "A collection of additional objects for displaying and updating the Zone configuration of a Zone Server capable of operating in Enhanced mode." ::= { t11ZsMIBGroups 2 } t11ZsStatisticsGroup OBJECT-GROUP OBJECTS { t11ZsOutMergeRequests, t11ZsInMergeAccepts, t11ZsInMergeRequests, t11ZsOutMergeAccepts, t11ZsOutChangeRequests, t11ZsInChangeAccepts, t11ZsInChangeRequests, DeSanti, et al. Standards Track [Page 77]
RFC 4936 FC Zone Server MIB August 2007 t11ZsOutChangeAccepts, t11ZsInZsRequests, t11ZsOutZsRejects } STATUS current DESCRIPTION "A collection of objects for collecting Zone Server statistics information." ::= { t11ZsMIBGroups 3 } t11ZsNotificationControlGroup OBJECT-GROUP OBJECTS { t11ZsNotifyRequestRejectEnable, t11ZsNotifyMergeFailureEnable, t11ZsNotifyMergeSuccessEnable, t11ZsNotifyDefZoneChangeEnable, t11ZsNotifyActivateEnable, t11ZsRejectCtCommandString, t11ZsRejectRequestSource, t11ZsRejectReasonCode, t11ZsRejectReasonCodeExp, t11ZsRejectReasonVendorCode, t11ZsFabricIndex } STATUS current DESCRIPTION "A collection of notification control and notification information objects for monitoring Zone Server request rejection and Zone merge failures." ::= { t11ZsMIBGroups 4 } t11ZsActivateGroup OBJECT-GROUP OBJECTS { t11ZsActivateRequest, t11ZsActivateDeactivate, t11ZsActivateResult, t11ZsActivateFailCause, t11ZsActivateFailDomainId } STATUS current DESCRIPTION "A collection of objects that allow a Zone Set to be activated via SNMP SetRequests and provide the status and result of such an activation." ::= { t11ZsMIBGroups 5 } t11ZsNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { t11ZsRequestRejectNotify, t11ZsMergeFailureNotify, DeSanti, et al. Standards Track [Page 78]
RFC 4936 FC Zone Server MIB August 2007 t11ZsMergeSuccessNotify, t11ZsDefZoneChangeNotify, t11ZsActivateNotify } STATUS current DESCRIPTION "A collection of notification(s) for monitoring Zone Server request rejection, Zone merge failures and successes, and Default Zoning behavioral changes." ::= { t11ZsMIBGroups 6 } END 8. IANA Considerations IANA has assigned two MIB OIDs: one for the T11-FC-FABRIC-LOCK-MIB module (159) and one for the T11-FC-ZONE-SERVER-MIB module (160), under the mib-2 subtree. 9. Security Considerations There are many management objects defined in these MIB modules with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. Specifically, unauthorized write access to *any* of the writable objects in these MIB modules could cause unauthorized manipulation of the Zoning information on a Zone Server, and/or the activation of an unauthorized Active Zone Set in a Fabric. This could result in allowing unauthorized connectivity, and/or denying authorized connectivity, between hosts connected to the Fibre Channel network. It could also cause the suppression of notifications (e.g., of unauthorized operations), or the disruption of network operations due to the generation of unwanted notifications. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. Unauthorized read access to any of the readable objects in the t11ZsServerTable, t11ZsActiveZoneTable, t11ZsActiveZoneMemberTable, or t11ZsActiveAttribTable tables would reveal information about the DeSanti, et al. Standards Track [Page 79]
RFC 4936 FC Zone Server MIB August 2007 currently authorized connectivity between hosts connected to the Fibre Channel network. Unauthorized read access to any of the readable objects in the t11ZsSetTable, t11ZsZoneTable, t11ZsSetZoneTable, t11ZsAliasTable, t11ZsZoneMemberTable, t11ZsAttribBlockTable, or t11ZsAttribTable tables would reveal information about potential/alternative connectivity that could be authorized between hosts connected to the Fibre Channel network. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementors consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 10. Acknowledgements This document was originally developed and approved by the INCITS Task Group T11.5 (http://www.t11.org) as the SM-ZSM project. We wish to acknowledge the many contributions and comments from the INCITS Technical Committee T11, especially from the following: T11 Chair: Robert Snively, Brocade T11 Vice Chair: Claudio DeSanti, Cisco Systems T11.5 Chair: Roger Cummings, Symantec T11.5 Vice Chair: Scott Kipp, McData and T11.5 members. The document was subsequently a work item of the IETF's IMSS Working Group, chaired by David Black (EMC Corporation). We thank Bert Wijnen (Lucent Technologies) for his thorough review of the document. We also wish to acknowledge Dan Romascanu (Avaya), the IETF Area Director, for his comments and assistance. DeSanti, et al. Standards Track [Page 80]
RFC 4936 FC Zone Server MIB August 2007 11. Normative References [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 58, RFC 3411, December 2002. [RFC3584] Frye, R., Levi, D., Routhier, S., and B. Wijnen, "Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework", RFC 3584, August 2003. [FC-GS-5] "Fibre Channel - Generic Services - 5 (FC-GS-5)", ANSI INCITS 427-2007, http://www.t11.org/t11/stat.nsf/upnum/1677-d, 2007. [FC-GS-4] "Fibre Channel - Generic Services - 4 (FC-GS-4)", ANSI INCITS 387-2004, http://www.t11.org/t11/stat.nsf/upnum/1505-d, August 2004. [FC-SW-4] "Fibre Channel - Switch Fabric - 4 (FC-SW-4)", ANSI INCITS 418-2006, http://www.t11.org/t11/stat.nsf/upnum/1674-d, December 2006. [FC-FS] "Fibre Channel - Framing and Signaling (FC-FS)", ANSI INCITS 373-2003, April 2003. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. DeSanti, et al. Standards Track [Page 81]
RFC 4936 FC Zone Server MIB August 2007 [RFC4044] McCloghrie, K., "Fibre Channel Management MIB", RFC 4044, May 2005. [RFC4438] DeSanti, C., Gaonkar, V., Vivek, H., McCloghrie, K., and S. Gai, "Fibre-Channel Name Server MIB", RFC 4438, March 2006. [RFC4439] DeSanti, C., Gaonkar, V., McCloghrie, K., and S. Gai, "Fibre-Channel Fabric Address Manager MIB", RFC 4439, March 2006. [APPL-ID] Steven Wilson (FC-SW-5, Editor), "FC-SW-5 Letter to T11.5", ANSI INCITS T11/06-679v0, http://www.t11.org/ftp/t11/pub/fc/sw-5/06-679v0.pdf, 21 September 2006. Approved by the T11 and T11.5 plenary meetings on October 5, 2006. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 12. Informative References [RFC2741] Daniele, M., Wijnen, B., Ellison, M., and D. Francisco, "Agent Extensibility (AgentX) Protocol Version 1", RFC 2741, January 2000. [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. DeSanti, et al. Standards Track [Page 82]
RFC 4936 FC Zone Server MIB August 2007 Authors' Addresses Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408 853-9172 EMail: cds@cisco.com H.K. Vivek Cisco Systems, Inc. 71 Millers Rd Bangalore, India Phone: +91 80 2289933x5117 EMail: hvivek@cisco.com Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408 526-5260 EMail: kzm@cisco.com Silvano Gai Nuova Systems 3 West Plumeria Drive San Jose, CA 95134 Phone: +1 408 387-6123 EMail: sgai@nuovasystems.com DeSanti, et al. Standards Track [Page 83]
RFC 4936 FC Zone Server MIB August 2007
Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
DeSanti, et al. Standards Track [Page 84]
mirror server hosted at Truenetwork, Russian Federation.