-- ******************************************************************* -- Juniper enterprise Network Address Translation (NAT) MIB. -- -- Copyright (c) 2001-2007, Juniper Networks, Inc. -- All rights reserved. -- -- The contents of this document are subject to change without notice. -- ******************************************************************* JUNIPER-JS-NAT-MIB DEFINITIONS ::= BEGIN IMPORTS Gauge32, Integer32, NOTIFICATION-TYPE, MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI InterfaceIndex FROM IF-MIB DateAndTime, DisplayString FROM SNMPv2-TC InetAddressIPv4 FROM INET-ADDRESS-MIB jnxJsNAT FROM JUNIPER-JS-SMI; jnxJsNatMIB MODULE-IDENTITY LAST-UPDATED "200704132022Z" -- April 13, 2007 ORGANIZATION "Juniper Networks, Inc." CONTACT-INFO "Juniper Technical Assistance Center Juniper Networks, Inc. 1194 N. Mathilda Avenue Sunnyvale, CA 94089 E-mail: support@juniper.net HTTP://www.juniper.net" DESCRIPTION "This module defines the object that are used to monitor network address translation attributes." REVISION "200704132022Z" -- April 13, 2007 DESCRIPTION "Creation Date" ::= { jnxJsNAT 1 } jnxJsNatNotifications OBJECT IDENTIFIER ::= { jnxJsNatMIB 0 } jnxJsNatObjects OBJECT IDENTIFIER ::= { jnxJsNatMIB 1 } jnxJsNatTrapVars OBJECT IDENTIFIER ::= { jnxJsNatMIB 2 } -- *************************************************************** -- Source NAT (Network Address Translation) Table -- *************************************************************** jnxJsSrcNatNumOfEntries OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of dynamic addresses being translated. jnxJsSrcNatNumOfEntries provides the total number of entries in the jnxJsSrcNatTable. " ::= { jnxJsNatObjects 1 } jnxJsSrcNatTable OBJECT-TYPE SYNTAX SEQUENCE OF JnxJsSrcNatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table exposes the source NAT translation attributes of the translated addresses. When performing source IP address translation, the device translates the original source IP address and/or port number to different one. The resource, address source pools provide the security device with a supply of addresses from which to draw when performing source network address translation. The security device has the following types of source pools: - source pool with PAT (Port Address Translation) - source pool without PAT - Static Source Pool This table contains information on source IP address translation only." ::= { jnxJsNatObjects 2 } jnxJsSrcNatEntry OBJECT-TYPE SYNTAX JnxJsSrcNatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Source NAT address entries. It is indexed by the address pool table and the address allocated. " INDEX { jnxJsNatSrcIpPoolName, jnxJsNatSrcGlobalAddr } ::= { jnxJsSrcNatTable 1 } JnxJsSrcNatEntry ::= SEQUENCE { jnxJsNatSrcIpPoolName DisplayString, jnxJsNatSrcGlobalAddr InetAddressIPv4, jnxJsNatSrcPortPoolType INTEGER, jnxJsNatSrcNumOfPortInuse INTEGER, jnxJsNatSrcNumOfSessions INTEGER, jnxJsNatSrcAssocatedIf InterfaceIndex } jnxJsNatSrcIpPoolName OBJECT-TYPE SYNTAX DisplayString (SIZE(1..32)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The name of dynamic source IP address pool. This is the address pool where the translated address is allocated from. " ::= { jnxJsSrcNatEntry 1 } jnxJsNatSrcGlobalAddr OBJECT-TYPE SYNTAX InetAddressIPv4 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of dynamic source IP address allocated from the address pool used in the NAT translation. " ::= { jnxJsSrcNatEntry 2 } jnxJsNatSrcPortPoolType OBJECT-TYPE SYNTAX INTEGER { withPAT (1), withoutPAT (2), static (3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Source NAT can do address translation with or without port address translation (PAT). The source port pool type indicates whether the address translation is done with port or without the port, or if it is a static translation. withPAT(Source Pool with PAT): the security device translates both source IP address and port number of the packets withoutPAT (Source Pool without PAT): the device performs source network address translation for the IP address without performing port address translation (PAT) for the source port number. Static translation means that one range of IP addresses is statically mapped one to one to a shifted range of IP addresses. " ::= { jnxJsSrcNatEntry 3 } jnxJsNatSrcNumOfPortInuse OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The number of ports in use for this NAT address entry. This attribute is only applicable to NAT translation with PAT." ::= { jnxJsSrcNatEntry 4 } jnxJsNatSrcNumOfSessions OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The number of sessions are in use based on this NAT address entry. This attribute is only applicable to NAT translation without PAT." ::= { jnxJsSrcNatEntry 5 } jnxJsNatSrcAssocatedIf OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The index of interface associated with this NAT address entry. This is an unique value, greater than zero, for each interface." ::= { jnxJsSrcNatEntry 6 } -- *************************************************************** -- Port Usage of Interface Source Pool -- *************************************************************** jnxJsNatIfSrcPoolPortTable OBJECT-TYPE SYNTAX SEQUENCE OF JnxJsNatIfSrcPoolPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table monitors the port usage of the NAT interface source IP address pool. Interface source pool is pre-defined. This source pool is referenced in a policy it is configured. The security device translates the source IP address to the address of the egress interface for the traffic matching a policy which references interface source pool. The security device always applies port address translation (PAT) for interface source pool. " ::= { jnxJsNatObjects 3 } jnxJsNatIfSrcPoolPortEntry OBJECT-TYPE SYNTAX JnxJsNatIfSrcPoolPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Source NAT address entries. It is indexed by the address pool table and the address. " INDEX { jnxJsNatIfSrcPoolIndex } ::= { jnxJsNatIfSrcPoolPortTable 1 } JnxJsNatIfSrcPoolPortEntry ::= SEQUENCE { jnxJsNatIfSrcPoolIndex INTEGER, jnxJsNatIfSrcPoolTotalSinglePorts INTEGER, jnxJsNatIfSrcPoolAllocSinglePorts INTEGER, jnxJsNatIfSrcPoolTotalTwinPorts INTEGER, jnxJsNatIfSrcPoolAllocTwinPorts INTEGER } jnxJsNatIfSrcPoolIndex OBJECT-TYPE SYNTAX INTEGER(0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of the port pool of this address pool." ::= { jnxJsNatIfSrcPoolPortEntry 1 } jnxJsNatIfSrcPoolTotalSinglePorts OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of single ports in a port pool." ::= { jnxJsNatIfSrcPoolPortEntry 2 } jnxJsNatIfSrcPoolAllocSinglePorts OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The number of single ports in a port pool allocated or inuse." ::= { jnxJsNatIfSrcPoolPortEntry 3 } jnxJsNatIfSrcPoolTotalTwinPorts OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of twin ports in a port pool." ::= { jnxJsNatIfSrcPoolPortEntry 4 } jnxJsNatIfSrcPoolAllocTwinPorts OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The number of twin ports in a port pool allocated or inuse." ::= { jnxJsNatIfSrcPoolPortEntry 5 } -- *************************************************************** -- NAT Trap definition -- *************************************************************** -- -- NAT Address Pool Utilization Threshold Status -- jnxJsNatAddrPoolThresholdStatus NOTIFICATION-TYPE OBJECTS { jnxJsNatSrcIpPoolName, jnxJsNatAddrPoolUtil } STATUS current DESCRIPTION "The NAT address pool untilization threshold status trap signifies that the address pool utilization is either exceeds certain percentage, or clear of that percentage. jnxJsNatSrcIpPoolName is the name of the resource pool jnxJsNatAddrPoolUtil is the percentage of utilization of the address pool." ::= { jnxJsNatNotifications 1 } -- -- Trap variables -- jnxJsNatAddrPoolUtil OBJECT-TYPE SYNTAX Integer32 (0..100) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The dynamic address pool utilization in percentage." ::= { jnxJsNatTrapVars 1 } -- *************************************************************** -- END of File -- *************************************************************** END