>> MIB - Management Information Base

>> Table: ipsecBundleTable - (.1.3.6.1.4.1.272.4.26.16.1)

Description: This object contains an IPSec security association.

ipsecBundleTable
OIDNameTypeAccess
.1IndexINTEGERR
.5PeerIndexINTEGERR
.6TrafficIndexINTEGERR
.7StateENUMD
.8NumSasINTEGERR
.9RoleENUMR
.10RekeyedBundleINTEGERR
.11RekeyingBundleINTEGERR
.12LastStateChangeTimeTicksR
.13HeartbeatsEnabledENUMR
.14CreatorENUMR
.16TunnelRemoteIpAddressR
.17PmtuDiscoveryENUMR
.15TunnelLocalIpAddressR
.18KeepAliveENUMR
.20LifeSecondsINTEGERR
.21LifeKBytesINTEGERR
.19VerifyPadENUMR
.22RekeySecondsINTEGERR
.25LocalAddressIpAddressR
.24ProtoENUMR
.23RekeyKBytesINTEGERR
.26LocalMaskLenINTEGERR
.27LocalRangeIpAddressR
.29RemoteAddressIpAddressR
.28LocalPortINTEGERR
.30RemoteMaskLenINTEGERR
.32RemotePortINTEGERR
.33InPktINTEGERR
.31RemoteRangeIpAddressR
.34InHbINTEGERR
.36InKBytesINTEGERR
.37InBytesNettoINTEGERR
.35InBytesINTEGERR
.38InKBytesNettoINTEGERR
.40OutHbINTEGERR
.41OutBytesINTEGERR
.39OutPktINTEGERR
.42OutKBytesINTEGERR
.43OutBytesNettoINTEGERR
.44OutKBytesNettoINTEGERR

Index
A unique index for this entry.
PeerIndex
The index of the peer for which this bundle was created.
TrafficIndex
The index of the traffic entry for which this bundle was created.
State
The current state of the bundle
Possible values:
established(1),	  -- The bundle is alive
expired(2),	  	  -- The bundle is expired
delete (3),	  	  -- Mark this bundle for deletion
negotiating(4),	  -- This bundle is currently negotiated
rekeyed(5),	  	  -- Rekeying of bundle succeeded
heartbeat-lost(6),	  -- Heartbeat receive timeout
failed(7)	  	  -- The negotiation failed.
Enumerations:
  • established (1)
  • expired (2)
  • delete (3)
  • negotiating (4)
  • rekeyed (5)
  • heartbeat-lost (6)
  • failed (7)
NumSas
The number of SAs contained in this bundle.
Role
This object specifies by which side the SA bundle
negotiation was initiated.
Possible values:
initiator(1), -- this end initiated the negotiation 
responder(2)  -- the remote end initiated the negotiation.
Enumerations:
  • initiator (1)
  • responder (2)
RekeyedBundle
This object indicates upon rekeying, which bundle (actually
its BundleIndex) is going to be replaced by that one.
RekeyingBundle
This object indicates upon rekeying, which bundle (actually
its BundleIndex) is going to replace that one.
LastStateChange
This object indicates the time in time ticks from system start
by which the state of this bundle entry was changed last. 
To determine the absolute time, the current sysUpTime must be 
subtracted from this value.
HeartbeatsEnabled
This object specifies whether heartbeats are sent and/or
expected over this bundle.
Possible values:
none(1),     -- neither sending nor expecting heartbeats
expect(2), 	-- expecting heartbeats
send(3),     -- sending heartbeats
both(4)	-- sending and expecting heartbeats.
Enumerations:
  • none (1)
  • expect (2)
  • send (3)
  • both (4)
Creator
This object specifies how the SA was created
Possible values:
manual(1),-- A manually keyed IPSec SA bundle
ike(2)    -- An automatically keyed SA bundle created by IKE.
Enumerations:
  • manual (1)
  • ike (2)
TunnelRemote
The remote IP address of the outer packet header. For
transport mode SAs, this address is the same as the
ipsecBundleRemoteAddress.
PmtuDiscovery
This object specifies the initialization of the DF bit in 
outgoing IPSec packets for this bundle. It decides whether
PMTU discovery is propagated over the IPSec tunnel or not.
Possible values:
enabled(1), -- copy DF bit from original packet; propagate PMTU
disabled(2) -- clear DF bit in IPSec packet; 
-- fragment if necessary.
Enumerations:
  • disabled (1)
  • enabled (2)
TunnelLocal
The local IP address of the outer packet header. For
transport mode SAs, this address is the same as the
ipsecBundleLocalAddress.
KeepAlive
This object specifies the circumstances under which this SA 
bundle will be rekeyed.
Possible values:
true(1), -- rekey even if no traffic was processed
false(2) -- rekey only if at least one packet was processed.
Enumerations:
  • true (1)
  • false (2)
LifeSeconds
The period in seconds after which this bundle will be destroyed.
LifeKBytes
The amount of data allowed to be protected by this bundle until
it is destroyed (ipsecBundleOutBytes or ipecBundleOutBytes).
VerifyPad
This object specifies the kind of padding expected for ESP SAs 
within this bundle.
Possible values:
true(1),	-- normal, self-describing ESP padding
false(2) 	-- old style ESP padding.
Enumerations:
  • true (1)
  • false (2)
RekeySeconds
The period in seconds after which this bundle will be rekeyed.
LocalAddress
The local address (host or network or range start address)
of the traffic selectors,
source for outbound, destination for inbound.
Proto
The protocol of the traffic selectors.
Enumerations:
  • icmp (1)
  • igmp (2)
  • ggp (3)
  • ipip (4)
  • st (5)
  • tcp (6)
  • cbt (7)
  • egp (8)
  • igp (9)
  • bbn (10)
  • nvp (11)
  • pup (12)
  • argus (13)
  • emcon (14)
  • xnet (15)
  • chaos (16)
  • udp (17)
  • mux (18)
  • dcn (19)
  • hmp (20)
  • prm (21)
  • xns (22)
  • trunk1 (23)
  • trunk2 (24)
  • leaf1 (25)
  • leaf2 (26)
  • rdp (27)
  • irtp (28)
  • isotp4 (29)
  • netblt (30)
  • mfe (31)
  • merit (32)
  • sep (33)
  • pc3 (34)
  • idpr (35)
  • xtp (36)
  • ddp (37)
  • idprc (38)
  • tp (39)
  • il (40)
  • ipv6 (41)
  • sdrp (42)
  • ipv6route (43)
  • ipv6frag (44)
  • idrp (45)
  • rsvp (46)
  • gre (47)
  • mhrp (48)
  • bna (49)
  • esp (50)
  • ah (51)
  • inlsp (52)
  • swipe (53)
  • narp (54)
  • mobile (55)
  • tlsp (56)
  • skip (57)
  • ipv6icmp (58)
  • ipv6nonxt (59)
  • ipv6opts (60)
  • ipproto-61 (61)
  • cftp (62)
  • local (63)
  • sat (64)
  • kryptolan (65)
  • rvd (66)
  • ippc (67)
  • distfs (68)
  • satmon (69)
  • visa (70)
  • ipcv (71)
  • cpnx (72)
  • cphb (73)
  • wsn (74)
  • pvp (75)
  • brsatmon (76)
  • sunnd (77)
  • wbmon (78)
  • wbexpak (79)
  • isoip (80)
  • vmtp (81)
  • securevmtp (82)
  • vines (83)
  • ttp (84)
  • nsfnet (85)
  • dgp (86)
  • tcf (87)
  • eigrp (88)
  • ospfigp (89)
  • sprite (90)
  • larp (91)
  • mtp (92)
  • ax25 (93)
  • ipwip (94)
  • micp (95)
  • scc (96)
  • etherip (97)
  • encap (98)
  • encrypt (99)
  • gmtp (100)
  • ifmp (101)
  • pnni (102)
  • pim (103)
  • aris (104)
  • scps (105)
  • qnx (106)
  • an (107)
  • ippcp (108)
  • snp (109)
  • compaq (110)
  • ipxip (111)
  • vrrp (112)
  • pgm (113)
  • hop0 (114)
  • l2tp (115)
  • ipproto-116 (116)
  • ipproto-117 (117)
  • ipproto-118 (118)
  • ipproto-119 (119)
  • ipproto-120 (120)
  • ipproto-121 (121)
  • ipproto-122 (122)
  • ipproto-123 (123)
  • ipproto-124 (124)
  • ipproto-125 (125)
  • ipproto-126 (126)
  • ipproto-127 (127)
  • ipproto-128 (128)
  • ipproto-129 (129)
  • ipproto-130 (130)
  • ipproto-131 (131)
  • ipproto-132 (132)
  • ipproto-133 (133)
  • ipproto-134 (134)
  • ipproto-135 (135)
  • ipproto-136 (136)
  • ipproto-137 (137)
  • ipproto-138 (138)
  • ipproto-139 (139)
  • ipproto-140 (140)
  • ipproto-141 (141)
  • ipproto-142 (142)
  • ipproto-143 (143)
  • ipproto-144 (144)
  • ipproto-145 (145)
  • ipproto-146 (146)
  • ipproto-147 (147)
  • ipproto-148 (148)
  • ipproto-149 (149)
  • ipproto-150 (150)
  • ipproto-151 (151)
  • ipproto-152 (152)
  • ipproto-153 (153)
  • ipproto-154 (154)
  • ipproto-155 (155)
  • ipproto-156 (156)
  • ipproto-157 (157)
  • ipproto-158 (158)
  • ipproto-159 (159)
  • ipproto-160 (160)
  • ipproto-161 (161)
  • ipproto-162 (162)
  • ipproto-163 (163)
  • ipproto-164 (164)
  • ipproto-165 (165)
  • ipproto-166 (166)
  • ipproto-167 (167)
  • ipproto-168 (168)
  • ipproto-169 (169)
  • ipproto-170 (170)
  • ipproto-171 (171)
  • ipproto-172 (172)
  • ipproto-173 (173)
  • ipproto-174 (174)
  • ipproto-175 (175)
  • ipproto-176 (176)
  • ipproto-177 (177)
  • ipproto-178 (178)
  • ipproto-179 (179)
  • ipproto-180 (180)
  • ipproto-181 (181)
  • ipproto-182 (182)
  • ipproto-183 (183)
  • ipproto-184 (184)
  • ipproto-185 (185)
  • ipproto-186 (186)
  • ipproto-187 (187)
  • ipproto-188 (188)
  • ipproto-189 (189)
  • ipproto-190 (190)
  • ipproto-191 (191)
  • ipproto-192 (192)
  • ipproto-193 (193)
  • ipproto-194 (194)
  • ipproto-195 (195)
  • ipproto-196 (196)
  • ipproto-197 (197)
  • ipproto-198 (198)
  • ipproto-199 (199)
  • ipproto-200 (200)
  • ipproto-201 (201)
  • ipproto-202 (202)
  • ipproto-203 (203)
  • ipproto-204 (204)
  • ipproto-205 (205)
  • ipproto-206 (206)
  • ipproto-207 (207)
  • ipproto-208 (208)
  • ipproto-209 (209)
  • ipproto-210 (210)
  • ipproto-211 (211)
  • ipproto-212 (212)
  • ipproto-213 (213)
  • ipproto-214 (214)
  • ipproto-215 (215)
  • ipproto-216 (216)
  • ipproto-217 (217)
  • ipproto-218 (218)
  • ipproto-219 (219)
  • ipproto-220 (220)
  • ipproto-221 (221)
  • ipproto-222 (222)
  • ipproto-223 (223)
  • ipproto-224 (224)
  • ipproto-225 (225)
  • ipproto-226 (226)
  • ipproto-227 (227)
  • ipproto-228 (228)
  • ipproto-229 (229)
  • ipproto-230 (230)
  • ipproto-231 (231)
  • ipproto-232 (232)
  • ipproto-233 (233)
  • ipproto-234 (234)
  • ipproto-235 (235)
  • ipproto-236 (236)
  • ipproto-237 (237)
  • ipproto-238 (238)
  • ipproto-239 (239)
  • ipproto-240 (240)
  • ipproto-241 (241)
  • ipproto-242 (242)
  • ipproto-243 (243)
  • ipproto-244 (244)
  • ipproto-245 (245)
  • ipproto-246 (246)
  • ipproto-247 (247)
  • ipproto-248 (248)
  • ipproto-249 (249)
  • ipproto-250 (250)
  • ipproto-251 (251)
  • ipproto-252 (252)
  • ipproto-253 (253)
  • ipproto-254 (254)
  • dont-verify (255)
RekeyKBytes
The amount of data allowed to be protected by this bundle until
it is rekeyed (ipsecBundleOutBytes or ipecBundleOutBytes).
LocalMaskLen
The local network masklen of the traffic selectors,
source for outbound, destination for inbound.
LocalRange
The local address range end address of the traffic selectors,
source for outbound, destination for inbound.
RemoteAddress
The remote address (host or network or range start address)
of the traffic selectors
source for outbound, destination for inbound.
LocalPort
The local port of the traffic selectors,
source for outbound, destination for inbound.
RemoteMaskLen
The remote network masklen of the traffic selectors
source for outbound, destination for inbound.
RemotePort
The remote port of the traffic selectors
source for outbound, destination for inbound.
InPkt
The total number of inbound packets processed by this bundle.
RemoteRange
The remote address range end address of the traffic selectors
source for outbound, destination for inbound.
InHb
The number of heartbeat packets received over this bundle.
InKBytes
The number of inbound Kbytes (including IPSec overhead) 
processed by this bundle.
InBytesNetto
The number of inbound bytes (netto: IPSec headers excluded) 
processed by this bundle.
InBytes
The number of inbound bytes (including IPSec overhead) 
processed by this bundle.
InKBytesNetto
The number of inbound Kbytes (netto: IPSec headers excluded) 
processed by this bundle.
OutHb
The number of heartbeat packets sent for this bundle.
OutBytes
The number of outbound bytes (including IPSec overhead) 
processed by this bundle.
OutPkt
The total number of outbound packets processed by this bundle.
OutKBytes
The number of outbound Kbytes (including IPSec overhead) 
processed by this bundle.
OutBytesNetto
The number of outbound bytes (netto: IPSec headers excluded) 
processed by this bundle.
OutKBytesNetto
The number of outbound Kbytes (netto: IPSec headers excluded) 
processed by this bundle.


Copyright ©2003 by BinTec Access Networks GmbH