-- Copyright (C) Cambium Networks. All Rights Reserved. --

CAMBIUM-NETWORKS-DYNAMIC-ARP-INSPECTION-MIB DEFINITIONS ::= BEGIN

IMPORTS

    OBJECT-TYPE,MODULE-IDENTITY, Integer32, Unsigned32,
    enterprises, NOTIFICATION-TYPE, Counter32, IpAddress
         FROM SNMPv2-SMI
    RowStatus, TEXTUAL-CONVENTION, MacAddress, TruthValue,
    DisplayString
         FROM SNMPv2-TC
    dot1qTpFdbPort
         FROM Q-BRIDGE-MIB
    dot1qStaticUnicastEntry
         FROM Q-BRIDGE-MIB
    dot1qVlanStaticEntry
         FROM Q-BRIDGE-MIB
    VlanIdOrNone
         FROM Q-BRIDGE-MIB
    dot1qTpFdbEntry, PortList
         FROM Q-BRIDGE-MIB;

cnDaiMib MODULE-IDENTITY
    LAST-UPDATED "202202170000Z"     -- February 17, 2022
    ORGANIZATION "Cambium Networks, Inc."
    CONTACT-INFO "cambiumnetworks.com"
    DESCRIPTION
        "This MIB module contains objects related to the
        Dynamic ARP Inspection feature."

    REVISION    "202202170000Z"     -- February 17, 2022
    DESCRIPTION "Added support for port channel."

    REVISION    "201903070000Z"     -- March 07, 2019
    DESCRIPTION "Ver 1:  Initial version."

    ::= {  enterprises futuresoftware(2076) 110 }

    TrustState ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION
        "Dynamic ARP Inspection trust state of the port."
    SYNTAX      INTEGER { untrusted(0), trusted(1) }

    VlanId ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION
        "A 12-bit VLAN ID used in the VLAN Tag header."
    SYNTAX      Integer32 (1..4094)

    AdminStatus ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION
        "Dynamic ARP Inspection admin status for VLAN entry. "
    SYNTAX      INTEGER { enabled(1), disabled(2) }

-- ***************************************************************************
--                         Groups in the MIB
-- ***************************************************************************
    cnDaiGlobal     OBJECT IDENTIFIER ::= { cnDaiMib 1 }
    cnDaiVlanCfg    OBJECT IDENTIFIER ::= { cnDaiMib 2 }
    cnDaiIfCfg      OBJECT IDENTIFIER ::= { cnDaiMib 3 }
-- ***************************************************************************
--                               GROUPS
-- ***************************************************************************

-- **************************** VLAN Entry ******************************

    cnDaiDebugFlag     OBJECT-TYPE
        SYNTAX          Integer32
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "This object is used to set a specific value for Dynamic ARP inspection
             debug traces."
        DEFVAL  { 0 }
    ::= { cnDaiGlobal 1 }

    cnDaiVlanCfgTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF CnDaiVlanCfgEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table contains the configuration & statistics collection
            parameters of Dynamic ARP Inspection for a specified VLAN."
    ::= { cnDaiVlanCfg 1 }
                               
    cnDaiVlanCfgEntry OBJECT-TYPE
        SYNTAX CnDaiVlanCfgEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "Each row instance gives the Dynamic ARP Inspection status on VLAN and the
	         in that VLAN for the Dynamic ARP Inspection module"
        INDEX { cnDaiVlanCfgVlanId }
    ::= { cnDaiVlanCfgTable 1 }

    CnDaiVlanCfgEntry ::= SEQUENCE {
        cnDaiVlanCfgVlanId                  VlanId,
        cnDaiVlanCfgDaiAdminStatus 	        AdminStatus,
        cnDaiVlanForwarded                  Counter32,
        cnDaiVlanDropped                    Counter32,
        cnDaiVlanInvalidProtocolData        Counter32,
        cnDaiVlanSrcMacValidationFailures   Counter32,
        cnDaiVlanIpValidationFailures       Counter32,
        cnDaiVlanDhcpBindingsPermitted      Counter32,
        cnDaiVlanDhcpBindingsDenied         Counter32,
        cnDaiVlanStaticBindingsPermitted    Counter32,
        cnDaiVlanStaticBindingsDenied       Counter32,
        cnDaiVlanCfgRowStatus    	        RowStatus
    }

   cnDaiVlanCfgVlanId OBJECT-TYPE
        SYNTAX      VlanId
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "Vlan ID of the VLAN to which this table-entry is associated."
    ::= { cnDaiVlanCfgEntry 1 }

   cnDaiVlanCfgDaiAdminStatus OBJECT-TYPE
        SYNTAX      AdminStatus
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "This OID is used to enable or disable the Dynamic ARP inspection on a per-VLAN basis."
        DEFVAL  { disabled }
    ::= { cnDaiVlanCfgEntry 2 }

    cnDaiVlanForwarded OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which successfully passed all
             the validity checks specific to Dynamic ARP inspection being subject to
             forwarding."
    ::= { cnDaiVlanCfgEntry 3 }

    cnDaiVlanDropped OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which did not passed
             one of the validity checks specific to Dynamic ARP inspection,
             meaning that it will be dropped."
    ::= { cnDaiVlanCfgEntry 4 }

    cnDaiVlanInvalidProtocolData OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which contain data
             that is not valid for the ARP packet format."
    ::= { cnDaiVlanCfgEntry 5 }

    cnDaiVlanSrcMacValidationFailures OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets for which the source
             HW address from the ARP payload didn't match any MAC address
             in the binding table."
    ::= { cnDaiVlanCfgEntry 6 }

    cnDaiVlanIpValidationFailures OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets for which the source
             protocol address from the ARP payload specific to source HW address
             also from the ARP payload didn't match any IP address in the binding table."
    ::= { cnDaiVlanCfgEntry 7 }

    cnDaiVlanDhcpBindingsPermitted OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which were validated against an
             entry in the binding table which was learned through DHCP Snooping."
    ::= { cnDaiVlanCfgEntry 8 }

    cnDaiVlanDhcpBindingsDenied OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which were invalidated against an
             entry in the binding table which was learned through DHCP Snooping."
    ::= { cnDaiVlanCfgEntry 9 }

    cnDaiVlanStaticBindingsPermitted OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which were validated against a
             static entry from the binding table."
    ::= { cnDaiVlanCfgEntry 10 }

    cnDaiVlanStaticBindingsDenied OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the total number of ARP packets which were invalidated against a
             static entry from the binding table."
    ::= { cnDaiVlanCfgEntry 11 }

	cnDaiVlanCfgRowStatus OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "Row-Status of the VLAN interface entry."
    ::= { cnDaiVlanCfgEntry 12 }

    cnDaiIfCfgTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF CnDaiIfCfgEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table contains the configuration & statistics collection
            parameters of Dynamic ARP Inspection for a specified VLAN. "
    ::= { cnDaiIfCfg 1 }

    cnDaiIfCfgEntry OBJECT-TYPE
        SYNTAX CnDaiIfCfgEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "Each row instance gives the Dynamic ARP Inspection status on VLAN and the
	         in that VLAN for the Dynamic ARP Inspection module"
        INDEX { cnDaiIfCfgIfIndex }
    ::= { cnDaiIfCfgTable 1 }

    CnDaiIfCfgEntry ::= SEQUENCE {
        cnDaiIfCfgIfIndex                   Integer32,
        cnDaiIfCfgTrustState 	            TrustState
    }

    cnDaiIfCfgIfIndex OBJECT-TYPE
        SYNTAX         Integer32(1..60)
        MAX-ACCESS     not-accessible
        STATUS         current
        DESCRIPTION
            "Port (ifIndex) identifier attribute"

    ::= { cnDaiIfCfgEntry 1 }

    cnDaiIfCfgTrustState OBJECT-TYPE
        SYNTAX         TrustState
        MAX-ACCESS     read-write
        STATUS         current
        DESCRIPTION
            "Set the Dynamic ARP Inspection trust state for the given interface.
             If the interface is part of a port channel it cannot be set."
        DEFVAL  { untrusted }

    ::= { cnDaiIfCfgEntry 2 }

END
