-- ARISTA-TUNNEL-MIB: Arista tunnel information -- Copyright (c) 2022 Arista Networks, Inc. All rights reserved. ARISTA-TUNNEL-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF TEXTUAL-CONVENTION FROM SNMPv2-TC aristaMibs FROM ARISTA-SMI-MIB ifIndex FROM IF-MIB; aristaTunnelMIB MODULE-IDENTITY LAST-UPDATED "202309200000Z" ORGANIZATION "Arista Networks, Inc." CONTACT-INFO "Arista Networks, Inc. Postal: 5453 Great America Parkway Santa Clara, CA 95054 Tel: +1 408 547-5500 E-mail: snmp@arista.com" DESCRIPTION "The MIB module for additional tunnel information on Arista devices." REVISION "202309200000Z" DESCRIPTION "Add ikeVersionUnsupportedWithVrf" REVISION "202208240000Z" DESCRIPTION "Initial version." ::= { aristaMibs 34 } -- Textual Conventions -- AristaIpsecTunnelConnectionState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "A value that represents the connection state of an IPsec tunnel. unknown(0) The connection state could not be determined. connecting(1) The device is trying to connect to the peer. idle(2) IPsec connections will be accepted, but not initiated. established(3) IPsec connection is up, and IPsec SAs are programmed in the data path. shut(4) Configuration is present, but the tunnel is in shutdown state. fipsUnsupported(5) FIPS is enabled and an unsupported configuration is present; IPsec connections will not be initiated or accepted. connected(6) IPsec connection is up, but IPsec SAs are not yet programmed in the data path. ikeVersionUnsupportedWithVrf(7) The configuration is unsupported because tunnels with non-default underlay VRFs only allow IKE version 2. " SYNTAX INTEGER { unknown(0), connecting(1), idle(2), established(3), shut(4), fipsUnsupported(5), connected(6), ikeVersionUnsupportedWithVrf(7) } aristaTunnelMibNotifications OBJECT IDENTIFIER ::= { aristaTunnelMIB 0 } aristaTunnelMibObjects OBJECT IDENTIFIER ::= { aristaTunnelMIB 1 } aristaTunnelMibConformance OBJECT IDENTIFIER ::= { aristaTunnelMIB 2 } -- Notifications -- -- Objects -- -- IPsec tunnel interface table -- aristaIpsecTunnelIfTable OBJECT-TYPE SYNTAX SEQUENCE OF AristaIpsecTunnelIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains information on IPsec tunnel interfaces." ::= { aristaTunnelMibObjects 1 } aristaIpsecTunnelIfEntry OBJECT-TYPE SYNTAX AristaIpsecTunnelIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information applicable to a particular IPsec tunnel interface." INDEX { ifIndex } ::= { aristaIpsecTunnelIfTable 1 } AristaIpsecTunnelIfEntry ::= SEQUENCE { aristaIpsecTunnelIfConnState AristaIpsecTunnelConnectionState } aristaIpsecTunnelIfConnState OBJECT-TYPE SYNTAX AristaIpsecTunnelConnectionState MAX-ACCESS read-only STATUS current DESCRIPTION "The connection state of the IPsec tunnel identified by this entry." ::= { aristaIpsecTunnelIfEntry 1 } -- Conformance and Compliance -- aristaTunnelMibCompliances OBJECT IDENTIFIER ::= { aristaTunnelMibConformance 1 } aristaTunnelMibGroups OBJECT IDENTIFIER ::= { aristaTunnelMibConformance 2 } aristaTunnelMibCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for Arista switches that implement the ARISTA-TUNNEL-MIB." MODULE -- this module MANDATORY-GROUPS { aristaTunnelMibIpsecGroup } ::= { aristaTunnelMibCompliances 1 } aristaTunnelMibIpsecGroup OBJECT-GROUP OBJECTS { aristaIpsecTunnelIfConnState } STATUS current DESCRIPTION "The collection of objects that provide IPsec tunnel information." ::= { aristaTunnelMibGroups 1 } END