Guest

Cisco Wide Area File Services Software (WAFS)

Cisco WAFS 3.0 MIB Quick Reference

Hierarchical Navigation

Downloads

Table Of Contents

Cisco WAFS MIB Quick Reference

SNMP and MIBs

Understanding the Different Versions of SNMP

SNMP Security Models and Security Levels

Accessing MIB Variables Through SNMP

SNMP Traps and Informs

Interpreting the MIB Structure

Object Identifiers

Tables

SYNTAX Clause

MAX-ACCESS Clause

AGENT-CAPABILITIES

MIB Loading Order

Accessing and Downloading MIB Files

MIBs Supported by WAFS 3.0

Cisco-Specific MIBs Supported in WAFS 3.0

ACTONA-ACTASTOR-MIB

CISCO-CONFIG-MAN-MIB

CISCO-CDP-MIB

CISCO-ENTITY-ASSET-MIB

EVENT-MIB

HOST-RESOURCES-MIB

MIB-II

ENTITY-MIB

CISCO-CONTENT-ENGINE-MIB


Cisco WAFS MIB Quick Reference

Text Part Number: OL-7265-01

This document describes the private, or local, Management Information Base (MIB) files for the Cisco Wide Area File Services (WAFS) and ActaStor components. The Cisco MIB files are provided with all Cisco WAFS software releases. The MIB files contain variables that can be set or read to provide information on network devices and interfaces.

This document provides the following information:

SNMP and MIBs

Accessing and Downloading MIB Files

MIBs Supported by WAFS 3.0

Cisco-Specific MIBs Supported in WAFS 3.0

SNMP and MIBs

Each Cisco Wide Area Application Engine (WAE) that runs the WAFS 3.0 software has an SNMP agent that is responsible for gathering information about the WAE's device configuration and activity. Before you can access this SNMP information, you must have deployed an SNMP management application on a management station. This SNMP management station is referred to as the SNMP host because it uses SNMP to send the device agent an SNMP Get request to obtain information from the WAE.

The SNMP management station and the device agent (the SNMP agent on the File Engine) use SNMP to communicate, as follows:

1. The SNMP management station (the SNMP host) requests information from the WAE.

2. After receiving these SNMP requests, the device agent on the WAE accesses a table that contains information about the individual device (WAE). This table, or database, is called a Management Information Base (MIB).

Note The SNMP agent on the WAE only initiates communication with the SNMP host under unusual conditions; for example, it will initiate communication when it has a trap it needs to send to the host.

3. After locating the specified information in the MIB, the device agent uses SNMP to send the information to the SNMP management station.

Understanding the Different Versions of SNMP

WAFS 3.0 software supports the following versions of SNMP:

Version 1 (SNMPv1)—The initial implementation of SNMP is fully described in RFC 1157.

Version 2 (SNMPv2c)—The second release of SNMP provides additions to data types, counter size, and protocol operations and is described in RFC 1902.

Version 3 (SNMPv3)—The most recent version of SNMP is described in RFC 2271 through RFC 2275.

SNMP Security Models and Security Levels

SNMPv1 and SNMPv2c do not have any security (that is, authentication or privacy) mechanisms to keep SNMP packet traffic confidential. As a result, packets on the wire can be detected and SNMP community strings compromised.

To solve the security shortcomings of SNMPv1 and SNMPv2c, SNMPv3 provides secure access to WAEs by authenticating and encrypting packets over the network. The SNMP agent in the WAFS 3.0 software supports SNMPv3 as well as SNMPv1 and SNMPv2c.

The following security features are provided in SNMPv3:

Message integrity—Ensures that nothing has interfered with a packet during transmission.

Authentication—Determines that the message is from a valid source.

Encryption—Scrambles the contents of a packet to prevent it from being seen by an unauthorized source.

SNMPv3 provides security models as well as security levels. A security model is an authentication process that is set up for a user and the group in which the user resides. A security level is the permitted level of security within a security model. A combination of a security model and a security level determines which security process is used when an SNMP packet is handled. Three security models are available: SNMPv1, SNMPv2c, and SNMPv3.

Table 1 describes the combinations of security models and security levels.

Table 1 SNMP Security Models and Security Levels 

Model
Level
Authentication
Encryption
Process

v1

noAuthNoPriv

Community string

No

Uses a community string match for user authentication.

v2c

noAuthNoPriv

Community string

No

Uses a community string match for user authentication.

v3

noAuthNoPriv

Username

No

Uses a username match for user authentication.

v3

AuthNoPriv

Message Digest 5 (MD5)
or Secure Hash Algorithm (SHA)

No

Provides authentication based on the Hash-Based Message Authentication Code (HMAC)-MD5 or HMAC-SHA algorithms.

v3

AuthPriv

MD5 or SHA

Yes

Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. Provides Data Encryption Standard (DES) 56-bit encryption (packet authentication) based on the cipher block chaining (CBC)-DES (DES-56) standard.


The SNMPv3 agent can be used in the following modes:

noAuthNoPriv mode (that is, no security mechanisms turned on for packets)

AuthNoPriv mode (for packets that do not need to be encrypted using the privacy algorithm [DES 56])

AuthPriv mode (for packets that must be encrypted; privacy requires that authentication be performed on the packet)

Using SNMPv3, users can securely collect management information from their SNMP agents without worrying that the data has been tampered with. Also, confidential information, such as SNMP set packets that change a File Engine's configuration, can be encrypted to prevent their contents from being exposed on the wire. Also, the group-based administrative model allows different users to access the same SNMP agent with varying access privileges.

Accessing MIB Variables Through SNMP

You can access the Cisco MIB variables through SNMP. The SNMP system consists of three parts: SNMP manager, SNMP agent, and MIB. You can compile Cisco MIBs with your network management software. If SNMP is configured on a device, the SNMP agent responds to MIB-related queries sent by the NMS.

Table 2 describes the SNMP operations.

Table 2 SNMP Operations 

Operation
Description

get-request

Retrieves a value from a specific variable.

get-next-request

Retrieves the value following the named variable. Often used to retrieve variables from within a table.1

get-bulk2

Retrieves large blocks of data, such as multiple rows in a table, which would otherwise require the transmission of many small blocks of data.

set-request

Stores a value in a specific variable.

response

Replies to the above commands sent by an NMS and to the informs sent by an agent.

trap

Sends an unsolicited message by an SNMP agent to an SNMP manager indicating that some event has occurred.

inform2

Sends an unsolicited message by an SNMP agent to an SNMP manager indicating that some event has occurred. Differs from a trap in that an acknowledgement is required from the manager.

1 With this operation, an SNMP manager does not need to know the exact variable name. A sequential search finds the next variable from within the MIB.

2 The get-bulk and inform commands are not a part of SNMPv1.


SNMP has been updated twice since its inception. SNMPv1 is the initial version of the protocol. SNMPv2 added support for 64-bit counters, and SNMPv3 added robust security for access, authentication, and encryption of managed data.

SNMP Traps and Informs

You can configure the WAE to send notifications to SNMP managers when particular events occur. You can send these notifications as traps or inform requests. Traps are unreliable because the receiver does not send any acknowledgment when it receives a trap. The sender cannot determine if the trap was received. However, an SNMP manager that receives an inform request acknowledges the message with an SNMP response. If the sender never receives a response, the inform request can be sent again. Thus, informs are more likely to reach their intended destinations.

Use the SNMP-TARGET-MIB to obtain more information on trap destinations and inform requests.

Interpreting the MIB Structure

A MIB presents the managed data in a logical tree hierarchy, using an IETF standard syntax called the Structure of Management Information (SMI). Branches of this MIB tree are organized into individual tables, which contain the managed data as leaf objects. Understanding these concepts is fundamental to interpreting the management information provided by the MIB.

This section provides the following information:

Object Identifiers

Tables

SYNTAX Clause

MAX-ACCESS Clause

AGENT-CAPABILITIES

Object Identifiers

The MIB structure is logically represented by a tree hierarchy. The root of the tree is unnamed and splits into three main branches: Consultative Committee for International Telegraph and Telephone (CCITT), International Organization for Standardization (ISO), and joint ISO/CCITT.

These branches and those that fall below each category have short text strings and integers to identify them. Text strings describe object names, while integers allow computer software to create compact, encoded representations of the names.

Each MIB variable is assigned an object identifier. The object identifier is the sequence of numeric labels on the nodes along a path from the root to the object. For example, the MIB variable tftpHost is indicated by the number 1. The object identifier for tftpHost is iso.org.dod.internet.private.enterprise.cisco.workgroup products.stack group.tftp group.tftpHost or .1.3.6.1.4.1.9.5.1.5.1. The last value is the number of the MIB variable tftpHost.

Tables

When network management protocols use names of MIB objects in messages, each name has an appended suffix. This suffix is called an instance identifier. It identifies one occurrence of the associated MIB object. For simple scalar objects, the instance identifier 0 refers to the instance of the object with that name (for example, sysUpTime.0).

A MIB also can contain tables of related objects. For example, ifOperStatus is a MIB object inside the ifTable from the IF-MIB. It reports the operational state for an interface on a device. Because devices may have more than one interface, it is necessary to have more than one instance of ifOperStatus. This instance value is added to the end of the MIB object as the instance identifier (for example, ifOperStatus.2 reports the operational state for interface number 2).

Each object in a table is constructed with a set of clauses defined by the SMI. These clauses include the SYNTAX clause, MAX-ACCESS clause, STATUS clause and DESCRIPTION clause.

An excerpt of the ACTONA-ACTASTOR-MIB follows: 

csConnectivityTable OBJECT-TYPE

     SYNTAX SEQUENCE OF CsConnectivityEntry

     MAX-ACCESS not-accessible

     STATUS current

     DESCRIPTION

         "A table describing the current state of EdgeServer

          connections to this CoreServer"

  -- 1.3.6.1.4.1.17471.1.3.2.1 --

::= { csState 1 }


csConnectivityEntry OBJECT-TYPE

     SYNTAX CsConnectivityEntry

     MAX-ACCESS not-accessible

     STATUS current

     DESCRIPTION

         "A single entry in the connection table - denoting a

          specific EdgeServer"

     INDEX {

        csConTabIndex }

  -- 1.3.6.1.4.1.17471.1.3.2.1.1 --

::= { csConnectivityTable 1 }


CsConnectivityEntry

::= SEQUENCE {

     csConTabIndex                    Integer32,

     csConTabClusterID                Integer32,

     csConTabClusterName              OCTET STRING,

     csConTabIsConnected              INTEGER,

     csConTabTotalSentMessages        Counter32,

     csConTabSentCompressionRatio     Integer32,

     csConTabTotalReceivedMessages    Counter32,

     csConTabReceivedCompressionRatio Integer32,

     csConTabTotalSentKBytes          Unsigned32,

     csConTabTotalReceivedKBytes       Unsigned32

}

SYNTAX Clause

The SYNTAX clause describes the format of the information, or value, that is returned when you monitor or set information in a MIB.

The Cisco WAFS MIBs are defined with the SNMPv2 Structure of Management Information version 2 (SNMPv2-SMI) defined in RFC 1902. Some examples of SNMPv2-SMI syntax are as follows:

Counter32—A nonnegative integer that increases until it reaches some maximum value. After reaching the maximum value, it rolls over to zero. For example, the variable ifInOctets, with a Counter32 syntax, counts the number of input octets on an interface.

Gauge32—A nonnegative integer that increases until it reaches some maximum value. After reaching the maximum value, it stays fixed (no roll over).

Counter64—A nonnegative 64-bit integer that increases until it reaches some maximum value. After reaching the maximum value, it rolls back to zero. Counter64 is used for MIB objects that can reach high values in a short period of time (for example, a packet counter for a Gigabit Ethernet port).

Integer32—An integer from -232 to 232-1.

IPAddress—An octet string that represents an IP address. For example, the variable hostConfigAddr indicates the IP address of the host that provided the host configuration file for a device.

Timeticks—A nonnegative integer that counts the hundredths of a second that have elapsed since an event. For example, the variable loctcpConnElapsed provides the length of time that a TCP connection has been established.

MAX-ACCESS Clause

The MAX-ACCESS clause identifies the maximum access level for the associated MIB object. This clause can represent one of the following five states: read-create, read-write, read-only, accessible-for-notify, and not-accessible.

read-create—This specifies an object within a table that can be read, modified, or created as a new row in a table.

read-write—You can read or modify this object.

read-only—You can only read this object.

accessible-for-notify—You cannot read or write to this object. SNMP notifications can send this object as part of their event information.

not-accessible—You cannot read or write to this object. Table indices are typically objects that are not accessible.

AGENT-CAPABILITIES

In SNMP, capabilities files provide implementation details for the associated MIB. These files, called AGENT-CAPABILITIES, list supported conformance groups and any deviations from the MIB as implemented in the associated software version. For instance, the CISCO-AAA-SERVER-CAPABILITY provides the implementation details for the CISCO-AAA-SERVER-MIB, as implemented in the Cisco WAFS 3.0.

Note Capabilities files may have implementation details for more than one software release. You need to match your software release to the corresponding AGENT-CAPABILITIES clause in this file.

MIB Loading Order

Many MIBs use definitions that are defined in other MIBs. These definitions are listed in the IMPORTS section near the top of the MIB.

For example, if MIB B imports a definition from MIB A, some MIB compilers require you to load MIB A prior to loading MIB B. If you get the MIB loading order wrong, you might get an error message on what was imported, claiming it is undefined or not listed in IMPORTS. If this happens, look at the loading order of the MIB definitions from the IMPORTS of the MIB. Make sure that you have loaded all the preceding MIBs first.

Here is a list of MIBs from which many other MIBs import definitions. The MIBs are listed in the order in which you should load them:

SNMPv2-SMI.my

SNMPv2-TC.my

SNMPv2-MIB.my

RFC1213-MIB.my

CISCO-SMI.my

CISCO-TC.my

ENTITY-MIB.my

Any other supported MIBs

If you load the MIBs in this order, you can eliminate most of your load-order definition problems.You can load most other MIBs (those not listed here) in any order.

Accessing and Downloading MIB Files

You can download the MIB files for all of the MIBS that are supported by a standalone WAE that is running WAFS 3.0 software from the following Cisco File Transfer Protocol (FTP) site:

ftp://ftp.cisco.com/pub/mibs/v2

The MIB objects that are defined in each MIB file are self explanatory.

To download these MIB files with passive FTP, follow these steps:

Step 1 Access ftp.cisco.com using passive FTP.

Step 2 Log in with your Cisco.com username and password, or as anonymous, with your e-mail address.

Step 3 Enter cd /pub/mibs/v2/ to change directories.

Step 4 Use the get command to copy the desired files to your local system.

Step 5 Use the quit command to exit passive FTP.

MIBs Supported by WAFS 3.0

Cisco WAFS 3.0 supports several standard MIBs and Cisco-specific MIBs. For more information about IETF-standard MIBs in Table 3, refer to http://www.ietf.org. For more information about the Cisco-specific MIBS, see the "Cisco-Specific MIBs Supported in WAFS 3.0" section.

Table 3 shows the MIBs supported by Cisco WAFS Release 3.0.

Table 3 MIBs Supported by WAFS 3.0

MIB
Description

ACTONA-ACTASTOR-MIB

Provides WAFS statistics.

CISCO-CONFIG-MAN-MIB

Represents a model of configuration data that exists in various locations.

CISCO-CDP-MIB

Manages the Cisco Discovery Protocol in Cisco devices.

CISCO-ENTITY-ASSET-MIB

Displays the ifIndex value of the local interface.

EVENT-MIB

Defines event triggers and actions for network management purposes.

HOST-RESOURCES-MIB

Provides host system management.

MIB-II

Is the Internet standard MIB. Used with network management protocols in TCP/IP-based internets.

ENTITY-MIB

Represents multiple logical entities supported by a single SNMP agent.

CISCO-CONTENT-ENGINE-MIB

Is the MIB module for the Cisco Content Engine from Cisco Systems, Inc.


Cisco-Specific MIBs Supported in WAFS 3.0

This section describes the Cisco-specific MIBs that are supported by the latest Cisco WAFS release for the Wide Area File Services and ActaStor components. MIBs are listed in alphabetical order. The following Cisco-specific MIBs are supported:

ACTONA-ACTASTOR-MIB

CISCO-CONFIG-MAN-MIB

CISCO-CDP-MIB

CISCO-ENTITY-ASSET-MIB

EVENT-MIB

HOST-RESOURCES-MIB

MIB-II

ENTITY-MIB

CISCO-CONTENT-ENGINE-MIB

ACTONA-ACTASTOR-MIB

This MIB provides WAFS statistics that include ActaStor version number, license information, install information, and general information.

CISCO-CONFIG-MAN-MIB

This MIB represents a model of configuration data that exists in various locations:

running—In use by the running system

terminal—Attached hardware

local—Saved locally in NVRAM or in Flash memory

remote—Saved to a server on the network

This MIB includes only such operations that are clearly related to configuration, although some of the system functions can be used for general file storage and transfer.

CISCO-CDP-MIB

This MIB displays the ifIndex value of the local interface. For 802.3 repeaters on which the repeater ports do not have ifIndex values assigned, this value is a unique value for the port and is greater than any ifIndex value supported by the repeater. In this example, the specific port is indicated by the corresponding values of cdpInterfaceGroup and cdpInterfacePort, where these values correspond to the group number and the port number values of RFC 1516.

CISCO-ENTITY-ASSET-MIB

This MIB monitors the asset information of items in the ENTITY-MIB (RFC 2037) entPhysicalTable. This MIB lists the orderable part number, serial number, hardware revision, manufacturing assembly number and revision, firmware ID and revision, if any, and software ID and revision, if any, of relevant entities listed in ENTITY-MIB entPhysicalTable.

Entities that have none of this data available are not listed in this MIB. The table in this MIB is sparse so some of these variables may not exist for a particular entity at a particular time. For example, a powered-off module does not have a software ID and revision; a power supply would probably never have firmware or software information.

Although the data may have other items encoded in it (for example, a manufacturing date in the serial number), treat all data items as a single unit. Do not decompose them or parse them. Use only string equal and unequal operations on them.

EVENT-MIB

This MIB defines event triggers and actions for network management purposes. The MIB is published as RFC 2981.

HOST-RESOURCES-MIB

This MIB manages host systems. The term "host" implies any computer that communicates with other similar computers connected to the Internet. The HOST-RESOURCES-MIB does not necessarily apply to devices whose primary function is communications services (terminal servers, routers, bridges, monitoring equipment). This MIB provides attributes that are common to all Internet hosts, for example, personal computers and systems that run variants of UNIX.

MIB-II

MIB-II is the Internet Standard MIB. The MIB-II is documented in RFC 1213 and is for use with network management protocols in TCP/IP-based internets.

Note The software does not respond to the MIB-II ifOutUcastPkts object ID (1.3.6.1.2.1.2.2.1.17) for any interface.

ENTITY-MIB

This is the MIB module for representing multiple logical entities supported by a single SNMP agent.

CISCO-CONTENT-ENGINE-MIB

This is the MIB module for the Cisco Content Engine from Cisco Systems, Inc.

Cisco WAFS MIB Quick Reference
Copyright © 2005 Cisco Systems, Inc. All rights reserved.