summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc7658.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc7658.txt')
-rw-r--r--doc/rfc/rfc7658.txt3475
1 files changed, 3475 insertions, 0 deletions
diff --git a/doc/rfc/rfc7658.txt b/doc/rfc/rfc7658.txt
new file mode 100644
index 0000000..ee6384d
--- /dev/null
+++ b/doc/rfc/rfc7658.txt
@@ -0,0 +1,3475 @@
+
+
+
+
+
+
+Internet Engineering Task Force (IETF) S. Perreault
+Request for Comments: 7658 Jive Communications
+Obsoletes: 4008 T. Tsou
+Category: Standards Track Huawei Technologies
+ISSN: 2070-1721 S. Sivakumar
+ Cisco Systems
+ T. Taylor
+ PT Taylor Consulting
+ October 2015
+
+
+ Deprecation of MIB Module NAT-MIB:
+ Managed Objects for Network Address Translators (NATs)
+
+Abstract
+
+ This memo deprecates MIB module NAT-MIB, a portion of the Management
+ Information Base (MIB) previously defined in RFC 4008 for devices
+ implementing Network Address Translator (NAT) function. A companion
+ document defines a new version, NATV2-MIB, which responds to
+ deficiencies found in module NAT-MIB and adds new capabilities.
+
+ This document obsoletes RFC 4008. All MIB objects specified in RFC
+ 4008 are included in this version unchanged with only the STATUS
+ changed to deprecated.
+
+Status of This Memo
+
+ This is an Internet Standards Track document.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Further information on
+ Internet Standards is available in Section 2 of RFC 5741.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ http://www.rfc-editor.org/info/rfc7658.
+
+
+
+
+
+
+
+
+
+
+
+
+Perreault, et al. Standards Track [Page 1]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+Copyright Notice
+
+ Copyright (c) 2015 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
+ 2. The Internet-Standard Management Framework . . . . . . . . . 3
+ 3. Motivation For Deprecating NAT-MIB . . . . . . . . . . . . . 3
+ 3.1. Deprecated Features . . . . . . . . . . . . . . . . . . . 3
+ 3.2. Desirable New Features . . . . . . . . . . . . . . . . . 4
+ 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 5. Security Considerations . . . . . . . . . . . . . . . . . . . 60
+ 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 60
+ 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 60
+ 7.1. Normative References . . . . . . . . . . . . . . . . . . 60
+ 7.2. Informative References . . . . . . . . . . . . . . . . . 61
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 62
+
+1. Introduction
+
+ This memo deprecates a portion of the Management Information Base
+ (MIB), MIB module NAT-MIB, for devices implementing the Network
+ Address Translator (NAT) function. New implementations are
+ encouraged to base themselves upon the second version of this MIB
+ module, NATV2-MIB, defined in [RFC7659]. NAT types and their
+ characteristics are defined in [RFC2663]. Traditional NAT function,
+ in particular, is defined in [RFC3022]. Neither NAT-MIB nor
+ NATV2-MIB addresses firewall functions, and neither can be used for
+ configuring or monitoring them.
+
+ Section 2 provides references to the Simple Network Management
+ Protocol (SNMP) management framework, which was used as the basis for
+ the original MIB module definition and its deprecation. Section 3
+ provides motivation for the deprecation of module NAT-MIB and its
+ replacement by module NATV2-MIB. Section 4 has the complete NAT-MIB
+ module definition, with the STATUS of all objects changed to
+
+
+
+Perreault, et al. Standards Track [Page 2]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ deprecated. Section 5 describes security considerations relating to
+ NAT-MIB, basically relying on the security considerations in
+ [RFC4008] and [RFC7659].
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+ "OPTIONAL" in this document are to be interpreted as described in
+ [RFC2119].
+
+2. The Internet-Standard Management Framework
+
+ For a detailed overview of the documents that describe the current
+ Internet-Standard Management Framework, please refer to section 7 of
+ RFC 3410 [RFC3410].
+
+ Managed objects are accessed via a virtual information store, termed
+ the Management Information Base or MIB. MIB objects are generally
+ accessed through the Simple Network Management Protocol (SNMP).
+ Objects in the MIB are defined using the mechanisms defined in the
+ Structure of Management Information (SMI). This memo specifies a MIB
+ module that is compliant to the SMIv2, which is described in STD 58,
+ RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579], and STD 58, RFC 2580
+ [RFC2580].
+
+3. Motivation For Deprecating NAT-MIB
+
+ This section provides the motivation for deprecating the NAT-MIB
+ module and its replacement by a new version.
+
+3.1. Deprecated Features
+
+ All objects defined in [RFC4008] have been marked with "STATUS
+ deprecated" for the following reasons:
+
+ Writability: Experience with NAT has shown that implementations vary
+ tremendously. The NAT algorithms and data structures have little
+ in common across devices, and this results in wildly incompatible
+ configuration parameters. Therefore, few implementations were
+ ever able to claim full compliance.
+
+ Lesson learned: the MIB should be read-only as much as possible.
+
+
+
+
+
+
+
+
+
+
+Perreault, et al. Standards Track [Page 3]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Exposing configuration parameters: Even in read-only mode, many
+ configuration parameters were exposed by [RFC4008] (e.g.,
+ timeouts). Since implementations vary wildly in their sets of
+ configuration parameters, few implementations could claim even
+ basic compliance.
+
+ Lesson learned: the NAT-MIB's purpose is not to expose
+ configuration parameters.
+
+ Interfaces: Objects from [RFC4008] tie NAT state with interfaces
+ (e.g., the interface table, the way map entries are grouped by
+ interface). Many NAT implementations either never keep track of
+ the interface or associate a mapping to a set of interfaces.
+ Since interfaces are at the core of [RFC4008], many NAT devices
+ were unable to have a proper implementation.
+
+ Lesson learned: NAT is a logical function that may be independent
+ of interfaces. Do not tie NAT state with interfaces.
+
+ NAT service types: [RFC4008] used four categories of NAT service:
+ basicNat, napt, bidirectionalNat, twiceNat. These are ill-
+ defined, and many implementations either use different categories
+ or do not use categories at all.
+
+ Lesson learned: do not try to categorize NAT types.
+
+ Limited transport protocol set: The set of transport protocols was
+ defined as: other, icmp, udp, and tcp. Furthermore, the numeric
+ values corresponding to those labels were arbitrary, without
+ relation to the actual standard protocol numbers. This meant that
+ NAT implementations were limited to those protocols and were
+ unable to expose information about DCCP, SCTP, etc.
+
+ Lesson learned: use standard transport protocol numbers.
+
+3.2. Desirable New Features
+
+ A number of desirable new features have been identified that are not
+ present in NAT-MIB. See the latter part of Section 2 of [RFC7659].
+
+
+
+
+
+
+
+
+
+
+
+
+Perreault, et al. Standards Track [Page 4]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+4. Definitions
+
+ This MIB module IMPORTs objects from [RFC2578], [RFC2579], [RFC2580],
+ [RFC2863], [RFC3411], and [RFC4001]. It also refers to information
+ in [RFC792], [RFC4443], and [RFC3413].
+
+NAT-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ MODULE-IDENTITY,
+ OBJECT-TYPE,
+ Integer32,
+ Unsigned32,
+ Gauge32,
+ Counter64,
+ TimeTicks,
+ mib-2,
+ NOTIFICATION-TYPE
+ FROM SNMPv2-SMI
+ TEXTUAL-CONVENTION,
+ StorageType,
+ RowStatus
+ FROM SNMPv2-TC
+ MODULE-COMPLIANCE,
+ NOTIFICATION-GROUP,
+ OBJECT-GROUP
+ FROM SNMPv2-CONF
+ ifIndex,
+ ifCounterDiscontinuityGroup
+ FROM IF-MIB
+ SnmpAdminString
+ FROM SNMP-FRAMEWORK-MIB
+ InetAddressType,
+ InetAddress,
+ InetPortNumber
+ FROM INET-ADDRESS-MIB;
+
+natMIB MODULE-IDENTITY
+ LAST-UPDATED "201510020000Z" -- 2 October 2015
+ ORGANIZATION
+ "IETF Behavior Engineering for Hindrance Avoidance
+ (BEHAVE) Working Group"
+ CONTACT-INFO
+ "Working Group Email: behave@ietf.org
+
+ Simon Perreault
+ Jive Communications
+ Quebec, QC
+
+
+
+Perreault, et al. Standards Track [Page 5]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Canada
+
+ Email: sperreault@jive.com
+
+
+ Tina Tsou
+ Huawei Technologies
+ Bantian, Longgang District
+ Shenzhen 518129
+ China
+
+ Email: tina.tsou.zouting@huawei.com
+
+
+ Senthil Sivakumar
+ Cisco Systems
+ 7100-8 Kit Creek Road
+ Research Triangle Park, North Carolina 27709
+ United States
+
+ Phone: +1 919 392 5158
+ Email: ssenthil@cisco.com
+
+
+ Tom Taylor
+ PT Taylor Consulting
+ Ottawa
+ Canada
+
+ Email: tom.taylor.stds@gmail.com"
+ DESCRIPTION
+ "This MIB module defines the generic managed objects
+ for NAT.
+
+ Copyright (c) 2015 IETF Trust and the persons
+ identified as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Simplified
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this MIB module is part of RFC 7658;
+ see the RFC itself for full legal notices."
+ REVISION "201510020000Z" -- 2 October 2015
+ DESCRIPTION
+
+
+
+Perreault, et al. Standards Track [Page 6]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ "Deprecation of all objects, published as RFC 7658.
+ See NATV2-MIB in RFC 7659 for recommended replacement."
+ REVISION "200503210000Z" -- 21 March 2005
+ DESCRIPTION
+ "Initial version, published as RFC 4008."
+ ::= { mib-2 123 }
+
+natMIBObjects OBJECT IDENTIFIER ::= { natMIB 1 }
+
+NatProtocolType ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "A list of protocols that support the network
+ address translation. Inclusion of the values is
+ not intended to imply that those protocols
+ need to be supported. Any change in this
+ TEXTUAL-CONVENTION should also be reflected in
+ the definition of NatProtocolMap, which is a
+ BITS representation of this.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX INTEGER {
+ none (1), -- not specified
+ other (2), -- none of the following
+ icmp (3),
+ udp (4),
+ tcp (5)
+ }
+
+NatProtocolMap ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "A bitmap of protocol identifiers that support
+ the network address translation. Any change
+ in this TEXTUAL-CONVENTION should also be
+ reflected in the definition of NatProtocolType.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX BITS {
+ other (0),
+ icmp (1),
+ udp (2),
+ tcp (3)
+ }
+
+NatAddrMapId ::= TEXTUAL-CONVENTION
+ DISPLAY-HINT "d"
+ STATUS deprecated
+
+
+
+Perreault, et al. Standards Track [Page 7]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ DESCRIPTION
+ "A unique ID that is assigned to each address map
+ by a NAT-enabled device.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX Unsigned32 (1..4294967295)
+
+NatBindIdOrZero ::= TEXTUAL-CONVENTION
+ DISPLAY-HINT "d"
+ STATUS deprecated
+ DESCRIPTION
+ "A unique ID that is assigned to each bind by
+ a NAT-enabled device. The bind ID will be zero
+ in the case of a Symmetric NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX Unsigned32 (0..4294967295)
+
+NatBindId ::= TEXTUAL-CONVENTION
+ DISPLAY-HINT "d"
+ STATUS deprecated
+ DESCRIPTION
+ "A unique ID that is assigned to each bind by
+ a NAT-enabled device.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX Unsigned32 (1..4294967295)
+
+NatSessionId ::= TEXTUAL-CONVENTION
+ DISPLAY-HINT "d"
+ STATUS deprecated
+ DESCRIPTION
+ "A unique ID that is assigned to each session by
+ a NAT-enabled device.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX Unsigned32 (1..4294967295)
+
+NatBindMode ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "An indication of whether the bind is
+ an address bind or an address port bind.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX INTEGER {
+ addressBind (1),
+ addressPortBind (2)
+
+
+
+Perreault, et al. Standards Track [Page 8]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ }
+
+NatAssociationType ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "An indication of whether the association is
+ static or dynamic.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX INTEGER {
+ static (1),
+ dynamic (2)
+ }
+
+NatTranslationEntity ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "An indication of a) the direction of a session for
+ which an address map entry, address bind, or port
+ bind is applicable, and b) the entity (source or
+ destination) within the session that is subject to
+ translation.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ SYNTAX BITS {
+ inboundSrcEndPoint (0),
+ outboundDstEndPoint(1),
+ inboundDstEndPoint (2),
+ outboundSrcEndPoint(3)
+ }
+
+--
+-- Default Values for the Bind and NAT Protocol Timers
+--
+
+natDefTimeouts OBJECT IDENTIFIER ::= { natMIBObjects 1 }
+
+natNotifCtrl OBJECT IDENTIFIER ::= { natMIBObjects 2 }
+
+--
+-- NAT configuration related to Address Bind and Port Bind
+--
+
+natBindDefIdleTimeout OBJECT-TYPE
+ SYNTAX Unsigned32 (0..4294967295)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+
+
+
+Perreault, et al. Standards Track [Page 9]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ DESCRIPTION
+ "The default Bind (Address Bind or Port Bind) idle
+ timeout parameter.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+ restored after a reinitialization of the management
+ system.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 0 }
+ ::= { natDefTimeouts 1 }
+
+--
+-- UDP related NAT configuration
+--
+
+natUdpDefIdleTimeout OBJECT-TYPE
+ SYNTAX Unsigned32 (1..4294967295)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+ DESCRIPTION
+ "The default UDP idle timeout parameter.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+ restored after a reinitialization of the management
+ system.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 300 }
+ ::= { natDefTimeouts 2 }
+
+--
+-- ICMP related NAT configuration
+--
+
+natIcmpDefIdleTimeout OBJECT-TYPE
+ SYNTAX Unsigned32 (1..4294967295)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+ DESCRIPTION
+ "The default ICMP idle timeout parameter.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+
+
+
+Perreault, et al. Standards Track [Page 10]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ restored after a reinitialization of the management
+ system.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 300 }
+ ::= { natDefTimeouts 3 }
+
+--
+-- Other protocol parameters
+--
+
+natOtherDefIdleTimeout OBJECT-TYPE
+ SYNTAX Unsigned32 (1..4294967295)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+ DESCRIPTION
+ "The default idle timeout parameter for protocols
+ represented by the value other (2) in
+ NatProtocolType.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+ restored after a reinitialization of the management
+ system.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 60 }
+ ::= { natDefTimeouts 4 }
+
+--
+-- TCP related NAT Timers
+--
+
+natTcpDefIdleTimeout OBJECT-TYPE
+ SYNTAX Unsigned32 (1..4294967295)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+ DESCRIPTION
+ "The default time interval that a NAT session for an
+ established TCP connection is allowed to remain
+ valid without any activity on the TCP connection.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+ restored after a reinitialization of the management
+ system.
+
+
+
+Perreault, et al. Standards Track [Page 11]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 86400 }
+ ::= { natDefTimeouts 5 }
+
+natTcpDefNegTimeout OBJECT-TYPE
+ SYNTAX Unsigned32 (1..4294967295)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+ DESCRIPTION
+ "The default time interval that a NAT session for a TCP
+ connection that is not in the established state
+ is allowed to remain valid without any activity on
+ the TCP connection.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+ restored after a reinitialization of the management
+ system.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 60 }
+ ::= { natDefTimeouts 6 }
+
+natNotifThrottlingInterval OBJECT-TYPE
+ SYNTAX Integer32 (0 | 5..3600)
+ UNITS "seconds"
+ MAX-ACCESS read-write
+ STATUS deprecated
+ DESCRIPTION
+ "This object controls the generation of the
+ natPacketDiscard notification.
+
+ If this object has a value of zero, then no
+ natPacketDiscard notifications will be transmitted by
+ the agent.
+
+ If this object has a non-zero value, then the agent must
+ not generate more than one natPacketDiscard
+ 'notification-event' in the indicated period, where a
+ 'notification-event' is the generation of a single
+ notification PDU type to a list of notification
+ destinations. If additional NAT packets are discarded
+ within the throttling period, then notification-events
+ for these changes must be suppressed by the agent until
+ the current throttling period expires.
+
+
+
+
+Perreault, et al. Standards Track [Page 12]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ If natNotifThrottlingInterval notification generation
+ is enabled, the suggested default throttling period is
+ 60 seconds, but generation of the natPacketDiscard
+ notification should be disabled by default.
+
+ If the agent is capable of storing non-volatile
+ configuration, then the value of this object must be
+ restored after a reinitialization of the management
+ system.
+
+ The actual transmission of notifications is controlled
+ via the MIB modules in RFC 3413.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 0 }
+ ::= { natNotifCtrl 1 }
+
+--
+-- The NAT Interface Table
+--
+
+natInterfaceTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NatInterfaceEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This table specifies the attributes for interfaces on a
+ device supporting NAT function.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 3 }
+
+natInterfaceEntry OBJECT-TYPE
+ SYNTAX NatInterfaceEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Each entry in the natInterfaceTable holds a set of
+ parameters for an interface, instantiated by
+ ifIndex. Therefore, the interface index must have been
+ assigned, according to the applicable procedures,
+ before it can be meaningfully used.
+ Generally, this means that the interface must exist.
+
+ When natStorageType is of type nonVolatile, however,
+ this may reflect the configuration for an interface
+ whose ifIndex has been assigned but for which the
+ supporting implementation is not currently present.
+
+
+
+Perreault, et al. Standards Track [Page 13]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ INDEX { ifIndex }
+ ::= { natInterfaceTable 1 }
+
+NatInterfaceEntry ::= SEQUENCE {
+ natInterfaceRealm INTEGER,
+ natInterfaceServiceType BITS,
+ natInterfaceInTranslates Counter64,
+ natInterfaceOutTranslates Counter64,
+ natInterfaceDiscards Counter64,
+ natInterfaceStorageType StorageType,
+ natInterfaceRowStatus RowStatus
+}
+
+natInterfaceRealm OBJECT-TYPE
+ SYNTAX INTEGER {
+ private (1),
+ public (2)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object identifies whether this interface is
+ connected to the private or the public realm.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { public }
+ ::= { natInterfaceEntry 1 }
+
+natInterfaceServiceType OBJECT-TYPE
+ SYNTAX BITS {
+ basicNat (0),
+ napt (1),
+ bidirectionalNat (2),
+ twiceNat (3)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "An indication of the direction in which new sessions
+ are permitted and the extent of translation done within
+ the IP and transport headers.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natInterfaceEntry 2 }
+
+natInterfaceInTranslates OBJECT-TYPE
+
+
+
+Perreault, et al. Standards Track [Page 14]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Number of packets received on this interface that
+ were translated.
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natInterfaceEntry 3 }
+
+natInterfaceOutTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Number of translated packets that were sent out this
+ interface.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natInterfaceEntry 4 }
+
+natInterfaceDiscards OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Number of packets that had to be rejected/dropped due to
+ a lack of resources for this interface.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natInterfaceEntry 5 }
+
+natInterfaceStorageType OBJECT-TYPE
+ SYNTAX StorageType
+
+
+
+Perreault, et al. Standards Track [Page 15]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The storage type for this conceptual row.
+ Conceptual rows having the value 'permanent'
+ need not allow write-access to any columnar objects
+ in the row.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659, and Section 2 of RFC 2579
+ (Textual Conventions for Conventions for SMIv2)."
+ DEFVAL { nonVolatile }
+ ::= { natInterfaceEntry 6 }
+
+natInterfaceRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The status of this conceptual row.
+
+ Until instances of all corresponding columns are
+ appropriately configured, the value of the
+ corresponding instance of the natInterfaceRowStatus
+ column is 'notReady'.
+
+ In particular, a newly created row cannot be made
+ active until the corresponding instance of
+ natInterfaceServiceType has been set.
+
+ None of the objects in this row may be modified
+ while the value of this object is active(1).
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659, and Section 2 of RFC 2579
+ (Textual Conventions for Conventions for SMIv2)."
+ ::= { natInterfaceEntry 7 }
+
+--
+-- The Address Map Table
+--
+
+natAddrMapTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NatAddrMapEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This table lists address map parameters for NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+
+
+
+Perreault, et al. Standards Track [Page 16]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ ::= { natMIBObjects 4 }
+
+natAddrMapEntry OBJECT-TYPE
+ SYNTAX NatAddrMapEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This entry represents an address map to be used for
+ NAT and contributes to the dynamic and/or static
+ address mapping tables of the NAT device.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ INDEX { ifIndex, natAddrMapIndex }
+ ::= { natAddrMapTable 1 }
+
+NatAddrMapEntry ::= SEQUENCE {
+ natAddrMapIndex NatAddrMapId,
+ natAddrMapName SnmpAdminString,
+ natAddrMapEntryType NatAssociationType,
+ natAddrMapTranslationEntity NatTranslationEntity,
+ natAddrMapLocalAddrType InetAddressType,
+ natAddrMapLocalAddrFrom InetAddress,
+ natAddrMapLocalAddrTo InetAddress,
+ natAddrMapLocalPortFrom InetPortNumber,
+ natAddrMapLocalPortTo InetPortNumber,
+ natAddrMapGlobalAddrType InetAddressType,
+ natAddrMapGlobalAddrFrom InetAddress,
+ natAddrMapGlobalAddrTo InetAddress,
+ natAddrMapGlobalPortFrom InetPortNumber,
+ natAddrMapGlobalPortTo InetPortNumber,
+ natAddrMapProtocol NatProtocolMap,
+ natAddrMapInTranslates Counter64,
+ natAddrMapOutTranslates Counter64,
+ natAddrMapDiscards Counter64,
+ natAddrMapAddrUsed Gauge32,
+ natAddrMapStorageType StorageType,
+ natAddrMapRowStatus RowStatus
+}
+
+natAddrMapIndex OBJECT-TYPE
+ SYNTAX NatAddrMapId
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Along with ifIndex, this object uniquely
+ identifies an entry in the natAddrMapTable.
+ Address map entries are applied in the order
+ specified by natAddrMapIndex.
+
+
+
+Perreault, et al. Standards Track [Page 17]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 1 }
+
+natAddrMapName OBJECT-TYPE
+ SYNTAX SnmpAdminString (SIZE(1..32))
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "Name identifying all map entries in the table associated
+ with the same interface. All map entries with the same
+ ifIndex MUST have the same map name.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 2 }
+
+natAddrMapEntryType OBJECT-TYPE
+ SYNTAX NatAssociationType
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This parameter can be used to set up static
+ or dynamic address maps.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 3 }
+
+natAddrMapTranslationEntity OBJECT-TYPE
+ SYNTAX NatTranslationEntity
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The endpoint entity (source or destination) in
+ inbound or outbound sessions (i.e., first packets) that
+ may be translated by an address map entry.
+
+ Session direction (inbound or outbound) is
+ derived from the direction of the first packet
+ of a session traversing a NAT interface.
+ NAT address (and Transport-ID) maps may be defined
+ to effect inbound or outbound sessions.
+
+ Traditionally, address maps for Basic NAT and NAPT are
+ configured on a public interface for outbound sessions,
+ effecting translation of source endpoint. The value of
+ this object must be set to outboundSrcEndPoint for
+ those interfaces.
+
+
+
+
+Perreault, et al. Standards Track [Page 18]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Alternately, if address maps for Basic NAT and NAPT were
+ to be configured on a private interface, the desired
+ value for this object for the map entries
+ would be inboundSrcEndPoint (i.e., effecting translation
+ of source endpoint for inbound sessions).
+
+ If twiceNAT were to be configured on a private
+ interface, the desired value for this object for the map
+ entries would be a bitmask of inboundSrcEndPoint and
+ inboundDstEndPoint.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 4 }
+
+natAddrMapLocalAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natAddrMapLocalAddrFrom and natAddrMapLocalAddrTo.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 5 }
+
+natAddrMapLocalAddrFrom OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the first IP address of the range
+ of IP addresses mapped by this translation entry. The
+ value of this object must be less than or equal to the
+ value of the natAddrMapLocalAddrTo object.
+
+ The type of this address is determined by the value of
+ the natAddrMapLocalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 6 }
+
+natAddrMapLocalAddrTo OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the last IP address of the range
+ of IP addresses mapped by this translation entry. If
+
+
+
+Perreault, et al. Standards Track [Page 19]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ only a single address is being mapped, the value of this
+ object is equal to the value of natAddrMapLocalAddrFrom.
+ For a static NAT, the number of addresses in the range
+ defined by natAddrMapLocalAddrFrom and
+ natAddrMapLocalAddrTo must be equal to the number of
+ addresses in the range defined by
+ natAddrMapGlobalAddrFrom and natAddrMapGlobalAddrTo.
+ The value of this object must be greater than or equal
+ to the value of the natAddrMapLocalAddrFrom object.
+
+ The type of this address is determined by the value of
+ the natAddrMapLocalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 7 }
+
+natAddrMapLocalPortFrom OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "If this conceptual row describes a Basic NAT address
+ mapping, then the value of this object must be zero. If
+ this conceptual row describes NAPT, then the value of
+ this object specifies the first port number in the range
+ of ports being mapped.
+
+ The value of this object must be less than or equal to
+ the value of the natAddrMapLocalPortTo object. If the
+ translation specifies a single port, then the value of
+ this object is equal to the value of
+ natAddrMapLocalPortTo.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 0 }
+ ::= { natAddrMapEntry 8 }
+
+natAddrMapLocalPortTo OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "If this conceptual row describes a Basic NAT address
+ mapping, then the value of this object must be zero. If
+ this conceptual row describes NAPT, then the value of
+ this object specifies the last port number in the range
+ of ports being mapped.
+
+
+
+
+Perreault, et al. Standards Track [Page 20]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ The value of this object must be greater than or equal
+ to the value of the natAddrMapLocalPortFrom object. If
+ the translation specifies a single port, then the value
+ of this object is equal to the value of
+ natAddrMapLocalPortFrom.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 0 }
+ ::= { natAddrMapEntry 9 }
+
+natAddrMapGlobalAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natAddrMapGlobalAddrFrom and natAddrMapGlobalAddrTo.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 10 }
+
+natAddrMapGlobalAddrFrom OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the first IP address of the range
+ of IP addresses being mapped to. The value of this
+ object must be less than or equal to the value of the
+ natAddrMapGlobalAddrTo object.
+
+ The type of this address is determined by the value of
+ the natAddrMapGlobalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 11 }
+
+natAddrMapGlobalAddrTo OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the last IP address of the range
+ of IP addresses being mapped to. If only a single
+ address is being mapped to, the value of this object is
+ equal to the value of natAddrMapGlobalAddrFrom. For a
+ static NAT, the number of addresses in the range defined
+ by natAddrMapGlobalAddrFrom and natAddrMapGlobalAddrTo
+
+
+
+Perreault, et al. Standards Track [Page 21]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ must be equal to the number of addresses in the range
+ defined by natAddrMapLocalAddrFrom and
+ natAddrMapLocalAddrTo. The value of this object must be
+ greater than or equal to the value of the
+ natAddrMapGlobalAddrFrom object.
+
+ The type of this address is determined by the value of
+ the natAddrMapGlobalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 12 }
+
+natAddrMapGlobalPortFrom OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "If this conceptual row describes a Basic NAT address
+ mapping, then the value of this object must be zero. If
+ this conceptual row describes NAPT, then the value of
+ this object specifies the first port number in the range
+ of ports being mapped to.
+
+ The value of this object must be less than or equal to
+ the value of the natAddrMapGlobalPortTo object. If the
+ translation specifies a single port, then the value of
+ this object is equal to the value
+ natAddrMapGlobalPortTo.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 0 }
+ ::= { natAddrMapEntry 13 }
+
+natAddrMapGlobalPortTo OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "If this conceptual row describes a Basic NAT address
+ mapping, then the value of this object must be zero. If
+ this conceptual row describes NAPT, then the value of
+ this object specifies the last port number in the range
+ of ports being mapped to.
+
+ The value of this object must be greater than or equal
+ to the value of the natAddrMapGlobalPortFrom object. If
+ the translation specifies a single port, then the value
+ of this object is equal to the value of
+
+
+
+Perreault, et al. Standards Track [Page 22]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ natAddrMapGlobalPortFrom.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ DEFVAL { 0 }
+ ::= { natAddrMapEntry 14 }
+
+natAddrMapProtocol OBJECT-TYPE
+ SYNTAX NatProtocolMap
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies a bitmap of protocol identifiers.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 15 }
+
+natAddrMapInTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of inbound packets pertaining to this address
+ map entry that were translated.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 16 }
+
+natAddrMapOutTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of outbound packets pertaining to this
+ address map entry that were translated.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 17 }
+
+
+
+
+Perreault, et al. Standards Track [Page 23]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+natAddrMapDiscards OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of packets pertaining to this address map
+ entry that were dropped due to lack of addresses in the
+ address pool identified by this address map. The value
+ of this object must always be zero in case of a static
+ address map.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 18 }
+
+natAddrMapAddrUsed OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of addresses pertaining to this address map
+ that are currently being used from the NAT pool.
+ The value of this object must always be zero in the case
+ of a static address map.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrMapEntry 19 }
+
+natAddrMapStorageType OBJECT-TYPE
+ SYNTAX StorageType
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The storage type for this conceptual row.
+ Conceptual rows having the value 'permanent'
+ need not allow write-access to any columnar objects
+ in the row.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659, and Section 2 of RFC 2579
+ (Textual Conventions for Conventions for SMIv2)."
+ DEFVAL { nonVolatile }
+ ::= { natAddrMapEntry 20 }
+
+natAddrMapRowStatus OBJECT-TYPE
+
+
+
+Perreault, et al. Standards Track [Page 24]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The status of this conceptual row.
+
+ Until instances of all corresponding columns are
+ appropriately configured, the value of the
+ corresponding instance of the natAddrMapRowStatus
+ column is 'notReady'.
+
+ None of the objects in this row may be modified
+ while the value of this object is active(1).
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659, and Section 2 of RFC 2579
+ (Textual Conventions for Conventions for SMIv2)."
+ ::= { natAddrMapEntry 21 }
+
+--
+-- Address Bind section
+--
+
+natAddrBindNumberOfEntries OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object maintains a count of the number of entries
+ that currently exist in the natAddrBindTable.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 5 }
+
+--
+-- The NAT Address BIND Table
+--
+
+natAddrBindTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NatAddrBindEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This table holds information about the currently
+ active NAT BINDs.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 6 }
+
+
+
+
+Perreault, et al. Standards Track [Page 25]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+natAddrBindEntry OBJECT-TYPE
+ SYNTAX NatAddrBindEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Each entry in this table holds information about
+ an active address BIND. These entries are lost
+ upon agent restart.
+
+ This row has indexing that may create variables with
+ more than 128 subidentifiers. Implementers of this
+ table must be careful not to create entries that would
+ result in OIDs that exceed the 128 subidentifier limit.
+ Otherwise, the information cannot be accessed using
+ SNMPv1, SNMPv2c, or SNMPv3.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+
+ INDEX { ifIndex,
+ natAddrBindLocalAddrType,
+ natAddrBindLocalAddr }
+ ::= { natAddrBindTable 1 }
+
+NatAddrBindEntry ::= SEQUENCE {
+ natAddrBindLocalAddrType InetAddressType,
+ natAddrBindLocalAddr InetAddress,
+ natAddrBindGlobalAddrType InetAddressType,
+ natAddrBindGlobalAddr InetAddress,
+ natAddrBindId NatBindId,
+ natAddrBindTranslationEntity NatTranslationEntity,
+ natAddrBindType NatAssociationType,
+ natAddrBindMapIndex NatAddrMapId,
+ natAddrBindSessions Gauge32,
+ natAddrBindMaxIdleTime TimeTicks,
+ natAddrBindCurrentIdleTime TimeTicks,
+ natAddrBindInTranslates Counter64,
+ natAddrBindOutTranslates Counter64
+}
+
+natAddrBindLocalAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natAddrBindLocalAddr.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+
+
+
+Perreault, et al. Standards Track [Page 26]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ ::= { natAddrBindEntry 1 }
+
+natAddrBindLocalAddr OBJECT-TYPE
+ SYNTAX InetAddress (SIZE (4|16))
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the private-realm-specific
+ network-layer address, which maps to the public-realm
+ address represented by natAddrBindGlobalAddr.
+
+ The type of this address is determined by the value of
+ the natAddrBindLocalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 2 }
+
+natAddrBindGlobalAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natAddrBindGlobalAddr.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 3 }
+
+natAddrBindGlobalAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the public-realm network-layer
+ address that maps to the private-realm network-layer
+ address represented by natAddrBindLocalAddr.
+
+ The type of this address is determined by the value of
+ the natAddrBindGlobalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 4 }
+
+natAddrBindId OBJECT-TYPE
+ SYNTAX NatBindId
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+
+
+
+Perreault, et al. Standards Track [Page 27]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ "This object represents a bind ID that is dynamically
+ assigned to each bind by a NAT-enabled device. Each
+ bind is represented by a bind ID that is
+ unique across both the natAddrBindTable and the
+ natAddrPortBindTable.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 5 }
+
+natAddrBindTranslationEntity OBJECT-TYPE
+ SYNTAX NatTranslationEntity
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the direction of sessions
+ for which this bind is applicable and the endpoint
+ entity (source or destination) within the sessions that
+ is subject to translation using the BIND.
+
+ Orientation of the bind can be a superset of
+ translationEntity of the address map entry that
+ forms the basis for this bind.
+
+ For example, if the translationEntity of an
+ address map entry is outboundSrcEndPoint, the
+ translationEntity of a bind derived from this
+ map entry may either be outboundSrcEndPoint or
+ it may be bidirectional (a bitmask of
+ outboundSrcEndPoint and inboundDstEndPoint).
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 6 }
+
+natAddrBindType OBJECT-TYPE
+ SYNTAX NatAssociationType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object indicates whether the bind is static or
+ dynamic.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 7 }
+
+natAddrBindMapIndex OBJECT-TYPE
+ SYNTAX NatAddrMapId
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+
+
+Perreault, et al. Standards Track [Page 28]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ DESCRIPTION
+ "This object is a pointer to the natAddrMapTable entry
+ (and the parameters of that entry) that was used in
+ creating this BIND. This object, in conjunction with
+ the ifIndex (which identifies a unique addrMapName)
+ points to a unique entry in the natAddrMapTable.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 8 }
+
+natAddrBindSessions OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Number of sessions currently using this BIND.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 9 }
+
+natAddrBindMaxIdleTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object indicates the maximum time for
+ which this bind can be idle with no sessions
+ attached to it.
+
+ The value of this object is of relevance only for
+ dynamic NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 10 }
+
+natAddrBindCurrentIdleTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "At any given instance, this object indicates the
+ time that this bind has been idle without any sessions
+ attached to it.
+
+ The value of this object is of relevance only for
+ dynamic NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+
+
+
+Perreault, et al. Standards Track [Page 29]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ ::= { natAddrBindEntry 11 }
+
+natAddrBindInTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of inbound packets that were successfully
+ translated by using this bind entry.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 12 }
+
+natAddrBindOutTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of outbound packets that were successfully
+ translated using this bind entry.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrBindEntry 13 }
+
+--
+-- Address Port Bind section
+--
+
+natAddrPortBindNumberOfEntries OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object maintains a count of the number of entries
+ that currently exist in the natAddrPortBindTable.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 7 }
+
+
+
+Perreault, et al. Standards Track [Page 30]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+--
+-- The NAT Address Port Bind Table
+--
+
+natAddrPortBindTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NatAddrPortBindEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This table holds information about the currently
+ active NAPT BINDs.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 8 }
+
+natAddrPortBindEntry OBJECT-TYPE
+ SYNTAX NatAddrPortBindEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Each entry in the this table holds information
+ about a NAPT bind that is currently active.
+ These entries are lost upon agent restart.
+
+ This row has indexing that may create variables with
+ more than 128 subidentifiers. Implementers of this
+ table must be careful not to create entries that would
+ result in OIDs that exceed the 128 subidentifier limit.
+ Otherwise, the information cannot be accessed using
+ SNMPv1, SNMPv2c, or SNMPv3.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ INDEX { ifIndex, natAddrPortBindLocalAddrType,
+ natAddrPortBindLocalAddr, natAddrPortBindLocalPort,
+ natAddrPortBindProtocol }
+ ::= { natAddrPortBindTable 1 }
+
+NatAddrPortBindEntry ::= SEQUENCE {
+ natAddrPortBindLocalAddrType InetAddressType,
+ natAddrPortBindLocalAddr InetAddress,
+ natAddrPortBindLocalPort InetPortNumber,
+ natAddrPortBindProtocol NatProtocolType,
+ natAddrPortBindGlobalAddrType InetAddressType,
+ natAddrPortBindGlobalAddr InetAddress,
+ natAddrPortBindGlobalPort InetPortNumber,
+ natAddrPortBindId NatBindId,
+ natAddrPortBindTranslationEntity NatTranslationEntity,
+ natAddrPortBindType NatAssociationType,
+
+
+
+Perreault, et al. Standards Track [Page 31]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ natAddrPortBindMapIndex NatAddrMapId,
+ natAddrPortBindSessions Gauge32,
+ natAddrPortBindMaxIdleTime TimeTicks,
+ natAddrPortBindCurrentIdleTime TimeTicks,
+ natAddrPortBindInTranslates Counter64,
+ natAddrPortBindOutTranslates Counter64
+}
+
+natAddrPortBindLocalAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natAddrPortBindLocalAddr.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 1 }
+
+natAddrPortBindLocalAddr OBJECT-TYPE
+ SYNTAX InetAddress (SIZE(4|16))
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the private-realm-specific
+ network-layer address that, in conjunction with
+ natAddrPortBindLocalPort, maps to the public-realm
+ network-layer address and transport ID represented by
+ natAddrPortBindGlobalAddr and natAddrPortBindGlobalPort,
+ respectively.
+
+ The type of this address is determined by the value of
+ the natAddrPortBindLocalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 2 }
+
+natAddrPortBindLocalPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "For a protocol value TCP or UDP, this object represents
+ the private-realm-specific port number. On the other
+ hand, for ICMP a bind is created only for query/response-
+ type ICMP messages such as ICMP echo, Timestamp, and
+ Information request messages, and this object represents
+ the private-realm-specific identifier in the ICMP
+
+
+
+Perreault, et al. Standards Track [Page 32]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ message, as defined in RFC 792 for ICMPv4 and in RFC
+ 4443 for ICMPv6.
+
+ This object, together with natAddrPortBindProtocol,
+ natAddrPortBindLocalAddrType, and
+ natAddrPortBindLocalAddr, constitutes a session endpoint
+ in the private realm. A bind entry binds a private-
+ realm-specific endpoint to a public-realm-specific
+ endpoint, as represented by the tuple of
+ (natAddrPortBindGlobalPort, natAddrPortBindProtocol,
+ natAddrPortBindGlobalAddrType, and
+ natAddrPortBindGlobalAddr).
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 3 }
+
+natAddrPortBindProtocol OBJECT-TYPE
+ SYNTAX NatProtocolType
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies a protocol identifier. If the
+ value of this object is none(1), then this bind entry
+ applies to all IP traffic. Any other value of this
+ object specifies the class of IP traffic to which this
+ BIND applies.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 4 }
+
+natAddrPortBindGlobalAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natAddrPortBindGlobalAddr.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 5 }
+
+natAddrPortBindGlobalAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the public-realm-specific network-
+ layer address that, in conjunction with
+
+
+
+Perreault, et al. Standards Track [Page 33]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ natAddrPortBindGlobalPort, maps to the private-realm
+ network-layer address and transport ID represented by
+ natAddrPortBindLocalAddr and natAddrPortBindLocalPort,
+ respectively.
+
+ The type of this address is determined by the value of
+ the natAddrPortBindGlobalAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 6 }
+
+natAddrPortBindGlobalPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "For a protocol value TCP or UDP, this object represents
+ the public-realm-specific port number. On the other
+ hand, for ICMP a bind is created only for query/response-
+ type ICMP messages such as ICMP echo, Timestamp, and
+ Information request messages, and this object represents
+ the public-realm-specific identifier in the ICMP
+ message, as defined in RFC 792 for ICMPv4 and in RFC
+ 4443 for ICMPv6.
+
+ This object, together with natAddrPortBindProtocol,
+ natAddrPortBindGlobalAddrType, and
+ natAddrPortBindGlobalAddr, constitutes a session
+ endpoint in the public realm. A bind entry binds a
+ public-realm-specific endpoint to a private-realm-
+ specific endpoint, as represented by the tuple of
+ (natAddrPortBindLocalPort, natAddrPortBindProtocol,
+ natAddrPortBindLocalAddrType, and
+ natAddrPortBindLocalAddr).
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 7 }
+
+natAddrPortBindId OBJECT-TYPE
+ SYNTAX NatBindId
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents a bind ID that is dynamically
+ assigned to each bind by a NAT-enabled device. Each
+ bind is represented by a unique bind ID across both
+ the natAddrBindTable and the natAddrPortBindTable.
+ Deprecated in favor of NATV2-MIB."
+
+
+
+Perreault, et al. Standards Track [Page 34]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 8 }
+
+natAddrPortBindTranslationEntity OBJECT-TYPE
+ SYNTAX NatTranslationEntity
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the direction of sessions
+ for which this bind is applicable and the entity
+ (source or destination) within the sessions that is
+ subject to translation with the BIND.
+
+ Orientation of the bind can be a superset of the
+ translationEntity of the address map entry that
+ forms the basis for this bind.
+
+ For example, if the translationEntity of an
+ address map entry is outboundSrcEndPoint, the
+ translationEntity of a bind derived from this
+ map entry may either be outboundSrcEndPoint or
+ may be bidirectional (a bitmask of
+ outboundSrcEndPoint and inboundDstEndPoint).
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 9 }
+
+natAddrPortBindType OBJECT-TYPE
+ SYNTAX NatAssociationType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object indicates whether the bind is static or
+ dynamic.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 10 }
+
+natAddrPortBindMapIndex OBJECT-TYPE
+ SYNTAX NatAddrMapId
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object is a pointer to the natAddrMapTable entry
+ (and the parameters of that entry) used in
+ creating this BIND. This object, in conjunction with
+ the ifIndex (which identifies a unique addrMapName),
+ points to a unique entry in the natAddrMapTable.
+
+
+
+Perreault, et al. Standards Track [Page 35]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 11 }
+
+natAddrPortBindSessions OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Number of sessions currently using this BIND.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 12 }
+
+natAddrPortBindMaxIdleTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+ DESCRIPTION
+ "This object indicates the maximum time for
+ which this bind can be idle without any sessions
+ attached to it.
+ The value of this object is of relevance
+ only for dynamic NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 13 }
+
+natAddrPortBindCurrentIdleTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "At any given instance, this object indicates the
+ time that this bind has been idle without any sessions
+ attached to it.
+
+ The value of this object is of relevance
+ only for dynamic NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 14 }
+
+natAddrPortBindInTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+
+
+Perreault, et al. Standards Track [Page 36]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ DESCRIPTION
+ "The number of inbound packets that were translated as
+ per this bind entry.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 15 }
+
+natAddrPortBindOutTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of outbound packets that were translated as
+ per this bind entry.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natAddrPortBindEntry 16 }
+
+--
+-- The Session Table
+--
+
+natSessionTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NatSessionEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The (conceptual) table containing one entry for each
+ NAT session currently active on this NAT device.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 9 }
+
+natSessionEntry OBJECT-TYPE
+ SYNTAX NatSessionEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+
+
+
+Perreault, et al. Standards Track [Page 37]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ "An entry (conceptual row) containing information
+ about an active NAT session on this NAT device.
+ These entries are lost upon agent restart.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ INDEX { ifIndex, natSessionIndex }
+ ::= { natSessionTable 1 }
+
+NatSessionEntry ::= SEQUENCE {
+ natSessionIndex NatSessionId,
+ natSessionPrivateSrcEPBindId NatBindIdOrZero,
+ natSessionPrivateSrcEPBindMode NatBindMode,
+ natSessionPrivateDstEPBindId NatBindIdOrZero,
+ natSessionPrivateDstEPBindMode NatBindMode,
+ natSessionDirection INTEGER,
+ natSessionUpTime TimeTicks,
+ natSessionAddrMapIndex NatAddrMapId,
+ natSessionProtocolType NatProtocolType,
+ natSessionPrivateAddrType InetAddressType,
+ natSessionPrivateSrcAddr InetAddress,
+ natSessionPrivateSrcPort InetPortNumber,
+ natSessionPrivateDstAddr InetAddress,
+ natSessionPrivateDstPort InetPortNumber,
+ natSessionPublicAddrType InetAddressType,
+ natSessionPublicSrcAddr InetAddress,
+ natSessionPublicSrcPort InetPortNumber,
+ natSessionPublicDstAddr InetAddress,
+ natSessionPublicDstPort InetPortNumber,
+ natSessionMaxIdleTime TimeTicks,
+ natSessionCurrentIdleTime TimeTicks,
+ natSessionInTranslates Counter64,
+ natSessionOutTranslates Counter64
+}
+
+natSessionIndex OBJECT-TYPE
+ SYNTAX NatSessionId
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The session ID for this NAT session.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 1 }
+
+natSessionPrivateSrcEPBindId OBJECT-TYPE
+ SYNTAX NatBindIdOrZero
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+
+
+Perreault, et al. Standards Track [Page 38]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ DESCRIPTION
+ "The bind ID associated between private and public
+ source endpoints. In the case of Symmetric-NAT,
+ this should be set to zero.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 2 }
+
+natSessionPrivateSrcEPBindMode OBJECT-TYPE
+ SYNTAX NatBindMode
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object indicates whether the bind indicated
+ by the object natSessionPrivateSrcEPBindId
+ is an address bind or an address port bind.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 3 }
+
+natSessionPrivateDstEPBindId OBJECT-TYPE
+ SYNTAX NatBindIdOrZero
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The bind ID associated between private and public
+ destination endpoints.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 4 }
+
+natSessionPrivateDstEPBindMode OBJECT-TYPE
+ SYNTAX NatBindMode
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object indicates whether the bind indicated
+ by the object natSessionPrivateDstEPBindId
+ is an address bind or an address port bind.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 5 }
+
+natSessionDirection OBJECT-TYPE
+ SYNTAX INTEGER {
+ inbound (1),
+ outbound (2)
+ }
+
+
+
+Perreault, et al. Standards Track [Page 39]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The direction of this session with respect to the
+ local network. 'inbound' indicates that this session
+ was initiated from the public network into the private
+ network. 'outbound' indicates that this session was
+ initiated from the private network into the public
+ network.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 6 }
+
+natSessionUpTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The uptime of this session in hundredths of a
+ second.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 7 }
+
+natSessionAddrMapIndex OBJECT-TYPE
+ SYNTAX NatAddrMapId
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object is a pointer to the natAddrMapTable entry
+ (and the parameters of that entry) used in
+ creating this session. This object, in conjunction with
+ the ifIndex (which identifies a unique addrMapName),
+ points to a unique entry in the natAddrMapTable.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 8 }
+
+natSessionProtocolType OBJECT-TYPE
+ SYNTAX NatProtocolType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The protocol type of this session.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 9 }
+
+
+
+
+Perreault, et al. Standards Track [Page 40]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+natSessionPrivateAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natSessionPrivateSrcAddr and natSessionPrivateDstAddr.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 10 }
+
+natSessionPrivateSrcAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The source IP address of the session endpoint that
+ lies in the private network.
+
+ The value of this object must be zero only when the
+ natSessionPrivateSrcEPBindId object has a zero value.
+ When the value of this object is zero, the NAT session
+ lookup will match any IP address to this field.
+
+ The type of this address is determined by the value of
+ the natSessionPrivateAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 11 }
+
+natSessionPrivateSrcPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "For a protocol value of TCP or UDP, this object
+ represents the source port in the first packet of a
+ session while in a private realm. On the other hand, when
+ the protocol is ICMP, a NAT session is created only for
+ query/response-type ICMP messages such as ICMP echo,
+ Timestamp, and Information request messages, and this
+ object represents the private-realm specific identifier
+ in the ICMP message, as defined in RFC 792 for ICMPv4
+ and in RFC 4443 for ICMPv6.
+
+ The value of this object must be zero when the
+ natSessionPrivateSrcEPBindId object has zero value
+ and value of natSessionPrivateSrcEPBindMode is
+
+
+
+Perreault, et al. Standards Track [Page 41]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ addressPortBind(2). In such a case, the NAT session
+ lookup will match any port number to this field.
+
+ The value of this object must be zero when the object
+ is not a representative field (SrcPort, DstPort, or
+ ICMP identifier) of the session tuple in either the
+ public realm or the private realm.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 12 }
+
+natSessionPrivateDstAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The destination IP address of the session endpoint that
+ lies in the private network.
+
+ The value of this object must be zero when the
+ natSessionPrivateDstEPBindId object has a zero value.
+ In such a scenario, the NAT session lookup will match
+ any IP address to this field.
+
+ The type of this address is determined by the value of
+ the natSessionPrivateAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 13 }
+
+natSessionPrivateDstPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "When the value of protocol is TCP or UDP, this object
+ represents the destination port in the first packet
+ of session while in private-realm. On the other hand,
+ when the protocol is ICMP, this object is not relevant
+ and should be set to zero.
+
+ The value of this object must be zero when the
+ natSessionPrivateDstEPBindId object has a zero
+ value and natSessionPrivateDstEPBindMode is set to
+ addressPortBind(2). In such a case, the NAT session
+ lookup will match any port number to this field.
+
+ The value of this object must be zero when the object
+
+
+
+Perreault, et al. Standards Track [Page 42]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ is not a representative field (SrcPort, DstPort, or
+ ICMP identifier) of the session tuple in either the
+ public realm or the private realm.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 14 }
+
+natSessionPublicAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This object specifies the address type used for
+ natSessionPublicSrcAddr and natSessionPublicDstAddr.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 15 }
+
+natSessionPublicSrcAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The source IP address of the session endpoint that
+ lies in the public network.
+
+ The value of this object must be zero when the
+ natSessionPrivateSrcEPBindId object has a zero value.
+ In such a scenario, the NAT session lookup will match
+ any IP address to this field.
+
+ The type of this address is determined by the value of
+ the natSessionPublicAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 16 }
+
+natSessionPublicSrcPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "When the protocol value is TCP or UDP, this object
+ represents the source port in the first packet of
+ session while in public-realm. On the other hand, when
+ protocol is ICMP, a NAT session is created only for
+ query/response-type ICMP messages such as ICMP echo,
+ Timestamp, and Information request messages, and this
+
+
+
+Perreault, et al. Standards Track [Page 43]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ object represents the public-realm-specific identifier
+ in the ICMP message, as defined in RFC 792 for ICMPv4
+ and in RFC 4443 for ICMPv6.
+
+ The value of this object must be zero when the
+ natSessionPrivateSrcEPBindId object has a zero value
+ and natSessionPrivateSrcEPBindMode is set to
+ addressPortBind(2). In such a scenario, the NAT
+ session lookup will match any port number to this
+ field.
+
+ The value of this object must be zero when the object
+ is not a representative field (SrcPort, DstPort, or
+ ICMP identifier) of the session tuple in either the
+ public realm or the private realm.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 17 }
+
+natSessionPublicDstAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The destination IP address of the session endpoint that
+ lies in the public network.
+
+ The value of this object must be non-zero when the
+ natSessionPrivateDstEPBindId object has a non-zero
+ value. If the value of this object and the
+ corresponding natSessionPrivateDstEPBindId object value
+ are zero, then the NAT session lookup will match any IP
+ address to this field.
+
+ The type of this address is determined by the value of
+ the natSessionPublicAddrType object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 18 }
+
+natSessionPublicDstPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "When the protocol value is TCP or UDP, this object
+ represents the destination port in the first packet of
+ session while in the public realm. On the other hand, when
+
+
+
+Perreault, et al. Standards Track [Page 44]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ the protocol is ICMP, this object is not relevant for
+ translation and should be zero.
+
+ The value of this object must be zero when the
+ natSessionPrivateDstEPBindId object has a zero value
+ and natSessionPrivateDstEPBindMode is
+ addressPortBind(2). In such a scenario, the NAT
+ session lookup will match any port number to this
+ field.
+
+ The value of this object must be zero when the object
+ is not a representative field (SrcPort, DstPort, or
+ ICMP identifier) of the session tuple in either the
+ public realm or the private realm.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 19 }
+
+natSessionMaxIdleTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The max time for which this session can be idle
+ without detecting a packet.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 20 }
+
+natSessionCurrentIdleTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The time since a packet belonging to this session was
+ last detected.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 21 }
+
+natSessionInTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of inbound packets that were translated for
+ this session.
+
+
+
+
+Perreault, et al. Standards Track [Page 45]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 22 }
+
+natSessionOutTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of outbound packets that were translated for
+ this session.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natSessionEntry 23 }
+
+--
+-- The Protocol table
+--
+
+natProtocolTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NatProtocolEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The (conceptual) table containing per-protocol NAT
+ statistics.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBObjects 10 }
+
+natProtocolEntry OBJECT-TYPE
+ SYNTAX NatProtocolEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "An entry (conceptual row) containing NAT statistics
+ pertaining to a particular protocol.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+
+
+
+Perreault, et al. Standards Track [Page 46]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ INDEX { natProtocol }
+ ::= { natProtocolTable 1 }
+
+NatProtocolEntry ::= SEQUENCE {
+ natProtocol NatProtocolType,
+ natProtocolInTranslates Counter64,
+ natProtocolOutTranslates Counter64,
+ natProtocolDiscards Counter64
+}
+
+natProtocol OBJECT-TYPE
+ SYNTAX NatProtocolType
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "This object represents the protocol pertaining to which
+ parameters are reported.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natProtocolEntry 1 }
+
+natProtocolInTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of inbound packets pertaining to the protocol
+ identified by natProtocol that underwent NAT.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natProtocolEntry 2 }
+
+natProtocolOutTranslates OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of outbound packets pertaining to the
+ protocol identified by natProtocol that underwent NAT.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+
+
+
+Perreault, et al. Standards Track [Page 47]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natProtocolEntry 3 }
+
+natProtocolDiscards OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of packets pertaining to the protocol
+ identified by natProtocol that had to be
+ rejected/dropped due to lack of resources. These
+ rejections could be due to session timeout, resource
+ unavailability, lack of address space, etc.
+
+ Discontinuities in the value of this counter can occur
+ at reinitialization of the management system and at
+ other times, as indicated by the value of
+ ifCounterDiscontinuityTime on the relevant interface.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natProtocolEntry 4 }
+
+--
+-- Notifications section
+--
+
+natMIBNotifications OBJECT IDENTIFIER ::= { natMIB 0 }
+
+--
+-- Notifications
+--
+
+natPacketDiscard NOTIFICATION-TYPE
+ OBJECTS { ifIndex }
+ STATUS deprecated
+ DESCRIPTION
+ "This notification is generated when IP packets are
+ discarded by the NAT function; e.g., due to lack of
+ mapping space when NAT is out of addresses or ports.
+
+ Note that the generation of natPacketDiscard
+ notifications is throttled by the agent, as specified
+ by the 'natNotifThrottlingInterval' object.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBNotifications 1 }
+
+
+
+Perreault, et al. Standards Track [Page 48]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+--
+-- Conformance information.
+--
+
+natMIBConformance OBJECT IDENTIFIER ::= { natMIB 2 }
+
+natMIBGroups OBJECT IDENTIFIER ::= { natMIBConformance 1 }
+natMIBCompliances OBJECT IDENTIFIER ::= { natMIBConformance 2 }
+
+--
+-- Units of conformance
+--
+
+natConfigGroup OBJECT-GROUP
+ OBJECTS { natInterfaceRealm,
+ natInterfaceServiceType,
+ natInterfaceStorageType,
+ natInterfaceRowStatus,
+ natAddrMapName,
+ natAddrMapEntryType,
+ natAddrMapTranslationEntity,
+ natAddrMapLocalAddrType,
+ natAddrMapLocalAddrFrom,
+ natAddrMapLocalAddrTo,
+ natAddrMapLocalPortFrom,
+ natAddrMapLocalPortTo,
+ natAddrMapGlobalAddrType,
+ natAddrMapGlobalAddrFrom,
+ natAddrMapGlobalAddrTo,
+ natAddrMapGlobalPortFrom,
+ natAddrMapGlobalPortTo,
+ natAddrMapProtocol,
+ natAddrMapStorageType,
+ natAddrMapRowStatus,
+ natBindDefIdleTimeout,
+ natUdpDefIdleTimeout,
+ natIcmpDefIdleTimeout,
+ natOtherDefIdleTimeout,
+ natTcpDefIdleTimeout,
+ natTcpDefNegTimeout,
+ natNotifThrottlingInterval }
+ STATUS deprecated
+ DESCRIPTION
+ "A collection of configuration-related information
+ required to support management of devices supporting
+ NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+
+
+
+Perreault, et al. Standards Track [Page 49]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ ::= { natMIBGroups 1 }
+
+natTranslationGroup OBJECT-GROUP
+ OBJECTS { natAddrBindNumberOfEntries,
+ natAddrBindGlobalAddrType,
+ natAddrBindGlobalAddr,
+ natAddrBindId,
+ natAddrBindTranslationEntity,
+ natAddrBindType,
+ natAddrBindMapIndex,
+ natAddrBindSessions,
+ natAddrBindMaxIdleTime,
+ natAddrBindCurrentIdleTime,
+ natAddrBindInTranslates,
+ natAddrBindOutTranslates,
+ natAddrPortBindNumberOfEntries,
+ natAddrPortBindGlobalAddrType,
+ natAddrPortBindGlobalAddr,
+ natAddrPortBindGlobalPort,
+ natAddrPortBindId,
+ natAddrPortBindTranslationEntity,
+ natAddrPortBindType,
+ natAddrPortBindMapIndex,
+ natAddrPortBindSessions,
+ natAddrPortBindMaxIdleTime,
+ natAddrPortBindCurrentIdleTime,
+ natAddrPortBindInTranslates,
+ natAddrPortBindOutTranslates,
+ natSessionPrivateSrcEPBindId,
+ natSessionPrivateSrcEPBindMode,
+ natSessionPrivateDstEPBindId,
+ natSessionPrivateDstEPBindMode,
+ natSessionDirection,
+ natSessionUpTime,
+ natSessionAddrMapIndex,
+ natSessionProtocolType,
+ natSessionPrivateAddrType,
+ natSessionPrivateSrcAddr,
+ natSessionPrivateSrcPort,
+ natSessionPrivateDstAddr,
+ natSessionPrivateDstPort,
+ natSessionPublicAddrType,
+ natSessionPublicSrcAddr,
+ natSessionPublicSrcPort,
+ natSessionPublicDstAddr,
+ natSessionPublicDstPort,
+ natSessionMaxIdleTime,
+ natSessionCurrentIdleTime,
+
+
+
+Perreault, et al. Standards Track [Page 50]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ natSessionInTranslates,
+ natSessionOutTranslates }
+ STATUS deprecated
+ DESCRIPTION
+ "A collection of BIND-related objects required to support
+ management of devices supporting NAT.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBGroups 2 }
+
+natStatsInterfaceGroup OBJECT-GROUP
+ OBJECTS { natInterfaceInTranslates,
+ natInterfaceOutTranslates,
+ natInterfaceDiscards }
+ STATUS deprecated
+ DESCRIPTION
+ "A collection of NAT statistics associated with the
+ interface on which NAT is configured, to aid
+ troubleshooting/monitoring of the NAT operation.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBGroups 3 }
+
+natStatsProtocolGroup OBJECT-GROUP
+ OBJECTS { natProtocolInTranslates,
+ natProtocolOutTranslates,
+ natProtocolDiscards }
+ STATUS deprecated
+ DESCRIPTION
+ "A collection of protocol-specific NAT statistics,
+ to aid troubleshooting/monitoring of NAT operation.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBGroups 4 }
+
+natStatsAddrMapGroup OBJECT-GROUP
+ OBJECTS { natAddrMapInTranslates,
+ natAddrMapOutTranslates,
+ natAddrMapDiscards,
+ natAddrMapAddrUsed }
+ STATUS deprecated
+ DESCRIPTION
+ "A collection of address-map-specific NAT statistics,
+ to aid troubleshooting/monitoring of NAT operation.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBGroups 5 }
+
+
+
+
+Perreault, et al. Standards Track [Page 51]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+natMIBNotificationGroup NOTIFICATION-GROUP
+ NOTIFICATIONS { natPacketDiscard }
+ STATUS deprecated
+ DESCRIPTION
+ "A collection of notifications generated by
+ devices supporting this MIB.
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ ::= { natMIBGroups 6 }
+
+--
+-- Compliance statements
+--
+
+natMIBFullCompliance MODULE-COMPLIANCE
+ STATUS deprecated
+ DESCRIPTION
+ "When this MIB is implemented with support for
+ read-create, then such an implementation can claim
+ full compliance. Such devices can then be both
+ monitored and configured with this MIB.
+
+ The following index objects cannot be added as OBJECT
+ clauses but nevertheless have the compliance
+ requirements:
+
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ -- OBJECT natAddrBindLocalAddrType
+ -- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+ -- OBJECT natAddrBindLocalAddr
+ -- SYNTAX InetAddress (SIZE(4|16))
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+ -- OBJECT natAddrPortBindLocalAddrType
+ -- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+
+
+Perreault, et al. Standards Track [Page 52]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ -- OBJECT natAddrPortBindLocalAddr
+ -- SYNTAX InetAddress (SIZE(4|16))
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+ MODULE IF-MIB -- The interfaces MIB, RFC2863
+ MANDATORY-GROUPS {
+ ifCounterDiscontinuityGroup
+ }
+
+ MODULE -- this module
+ MANDATORY-GROUPS { natConfigGroup, natTranslationGroup,
+ natStatsInterfaceGroup }
+
+ GROUP natStatsProtocolGroup
+ DESCRIPTION
+ "This group is optional."
+ GROUP natStatsAddrMapGroup
+ DESCRIPTION
+ "This group is optional."
+ GROUP natMIBNotificationGroup
+ DESCRIPTION
+ "This group is optional."
+
+ OBJECT natAddrMapLocalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrMapLocalAddrFrom
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrMapLocalAddrTo
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrMapGlobalAddrType
+
+
+
+Perreault, et al. Standards Track [Page 53]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrMapGlobalAddrFrom
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrMapGlobalAddrTo
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrBindGlobalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrBindGlobalAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrPortBindGlobalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natAddrPortBindGlobalAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+
+
+
+Perreault, et al. Standards Track [Page 54]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ OBJECT natSessionPrivateAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natSessionPrivateSrcAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+
+ OBJECT natSessionPrivateDstAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natSessionPublicAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natSessionPublicSrcAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ OBJECT natSessionPublicDstAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support
+ for IPv4 and IPv6."
+
+ ::= { natMIBCompliances 1 }
+
+natMIBReadOnlyCompliance MODULE-COMPLIANCE
+ STATUS deprecated
+ DESCRIPTION
+
+
+
+Perreault, et al. Standards Track [Page 55]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ "When this MIB is implemented without support for
+ read-create (i.e., in read-only mode), then such an
+ implementation can claim read-only compliance.
+ Such a device can then be monitored but cannot be
+ configured with this MIB.
+
+ The following index objects cannot be added as OBJECT
+ clauses but nevertheless have the compliance
+ requirements:
+
+ Deprecated in favor of NATV2-MIB."
+ REFERENCE "RFC 7658, RFC 7659"
+ -- OBJECT natAddrBindLocalAddrType
+ -- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+ -- OBJECT natAddrBindLocalAddr
+ -- SYNTAX InetAddress (SIZE(4|16))
+
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+ -- OBJECT natAddrPortBindLocalAddrType
+ -- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+ -- OBJECT natAddrPortBindLocalAddr
+ -- SYNTAX InetAddress (SIZE(4|16))
+ -- DESCRIPTION
+ -- "An implementation is required to support
+ -- global IPv4 and/or IPv6 addresses, depending
+ -- on its support for IPv4 and IPv6."
+
+ MODULE IF-MIB -- The interfaces MIB, RFC 2863
+ MANDATORY-GROUPS {
+ ifCounterDiscontinuityGroup
+ }
+
+ MODULE -- this module
+ MANDATORY-GROUPS { natConfigGroup, natTranslationGroup,
+ natStatsInterfaceGroup }
+
+
+
+Perreault, et al. Standards Track [Page 56]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ GROUP natStatsProtocolGroup
+ DESCRIPTION
+ "This group is optional."
+ GROUP natStatsAddrMapGroup
+ DESCRIPTION
+ "This group is optional."
+ GROUP natMIBNotificationGroup
+ DESCRIPTION
+ "This group is optional."
+ OBJECT natInterfaceRowStatus
+ SYNTAX RowStatus { active(1) }
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required, and active is the only
+ status that needs to be supported."
+
+ OBJECT natAddrMapLocalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required. An implementation is
+ required to support global IPv4 and/or IPv6 addresses,
+ depending on its support for IPv4 and IPv6."
+
+ OBJECT natAddrMapLocalAddrFrom
+ SYNTAX InetAddress (SIZE(4|16))
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required. An implementation is
+ required to support global IPv4 and/or IPv6 addresses,
+ depending on its support for IPv4 and IPv6."
+
+ OBJECT natAddrMapLocalAddrTo
+ SYNTAX InetAddress (SIZE(4|16))
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required. An implementation is
+ required to support global IPv4 and/or IPv6 addresses,
+ depending on its support for IPv4 and IPv6."
+
+ OBJECT natAddrMapGlobalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required. An implementation is
+ required to support global IPv4 and/or IPv6 addresses,
+ depending on its support for IPv4 and IPv6."
+
+
+
+
+Perreault, et al. Standards Track [Page 57]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ OBJECT natAddrMapGlobalAddrFrom
+ SYNTAX InetAddress (SIZE(4|16))
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required. An implementation is
+ required to support global IPv4 and/or IPv6 addresses,
+ depending on its support for IPv4 and IPv6."
+
+ OBJECT natAddrMapGlobalAddrTo
+ SYNTAX InetAddress (SIZE(4|16))
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required. An implementation is
+ required to support global IPv4 and/or IPv6 addresses,
+ depending on its support for IPv4 and IPv6."
+
+ OBJECT natAddrMapRowStatus
+ SYNTAX RowStatus { active(1) }
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required, and active is the only
+ status that needs to be supported."
+
+ OBJECT natAddrBindGlobalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natAddrBindGlobalAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natAddrPortBindGlobalAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natAddrPortBindGlobalAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+
+
+
+Perreault, et al. Standards Track [Page 58]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natSessionPrivateAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natSessionPrivateSrcAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natSessionPrivateDstAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natSessionPublicAddrType
+ SYNTAX InetAddressType { ipv4(1), ipv6(2) }
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natSessionPublicSrcAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ OBJECT natSessionPublicDstAddr
+ SYNTAX InetAddress (SIZE(4|16))
+ DESCRIPTION
+ "An implementation is required to support global IPv4
+ and/or IPv6 addresses, depending on its support for
+ IPv4 and IPv6."
+
+ ::= { natMIBCompliances 2 }
+
+END
+
+
+
+Perreault, et al. Standards Track [Page 59]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+5. Security Considerations
+
+ All objects in this MIB module have been deprecated. As a result,
+ the security considerations in [RFC7659] apply instead. Amongst
+ other matters, these considerations cover the case where both this
+ MIB module and NATV2-MIB are present. In fact, such a situation is
+ unlikely because [RFC4008], as a MIB module oriented toward
+ configuration, was overtaken by events and saw little implementation.
+
+6. IANA Considerations
+
+ IANA has assigned object identifier 123 to the natMIB module, with
+ prefix iso.org.dod.internet.mgmt.mib-2 in the Network Management
+ Parameters registry [SMI-NUMBERS].
+
+ IANA has marked that identifier as DEPRECATED and updated the
+ reference from [RFC4008] to the present document.
+
+7. References
+
+7.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119,
+ DOI 10.17487/RFC2119, March 1997,
+ <http://www.rfc-editor.org/info/rfc2119>.
+
+ [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
+ Schoenwaelder, Ed., "Structure of Management Information
+ Version 2 (SMIv2)", STD 58, RFC 2578,
+ DOI 10.17487/RFC2578, April 1999,
+ <http://www.rfc-editor.org/info/rfc2578>.
+
+ [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
+ Schoenwaelder, Ed., "Textual Conventions for SMIv2",
+ STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999,
+ <http://www.rfc-editor.org/info/rfc2579>.
+
+ [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J.
+ Schoenwaelder, Ed., "Conformance Statements for SMIv2",
+ STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999,
+ <http://www.rfc-editor.org/info/rfc2580>.
+
+ [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
+ Architecture for Describing Simple Network Management
+ Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
+ DOI 10.17487/RFC3411, December 2002,
+ <http://www.rfc-editor.org/info/rfc3411>.
+
+
+
+Perreault, et al. Standards Track [Page 60]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
+ Schoenwaelder, "Textual Conventions for Internet Network
+ Addresses", RFC 4001, DOI 10.17487/RFC4001, February 2005,
+ <http://www.rfc-editor.org/info/rfc4001>.
+
+ [RFC7659] Perreault, S., Tsou, T., Sivakumar, S., and T. Taylor,
+ "Definitions of Managed Objects for Network Address
+ Translators (NATs)", RFC 7659, DOI 10.17487/RFC7659,
+ October 2015, <http://www.rfc-editor.org/info/rfc7659>.
+
+7.2. Informative References
+
+ [RFC792] Postel, J., "Internet Control Message Protocol", STD 5,
+ RFC 792, DOI 10.17487/RFC0792, September 1981,
+ <http://www.rfc-editor.org/info/rfc792>.
+
+ [RFC2663] Srisuresh, P. and M. Holdrege, "IP Network Address
+ Translator (NAT) Terminology and Considerations",
+ RFC 2663, DOI 10.17487/RFC2663, August 1999,
+ <http://www.rfc-editor.org/info/rfc2663>.
+
+ [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
+ MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
+ <http://www.rfc-editor.org/info/rfc2863>.
+
+ [RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network
+ Address Translator (Traditional NAT)", RFC 3022,
+ DOI 10.17487/RFC3022, January 2001,
+ <http://www.rfc-editor.org/info/rfc3022>.
+
+ [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
+ "Introduction and Applicability Statements for Internet-
+ Standard Management Framework", RFC 3410,
+ DOI 10.17487/RFC3410, December 2002,
+ <http://www.rfc-editor.org/info/rfc3410>.
+
+ [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network
+ Management Protocol (SNMP) Applications", STD 62,
+ RFC 3413, DOI 10.17487/RFC3413, December 2002,
+ <http://www.rfc-editor.org/info/rfc3413>.
+
+ [RFC4008] Rohit, R., Srisuresh, P., Raghunarayan, R., Pai, N., and
+ C. Wang, "Definitions of Managed Objects for Network
+ Address Translators (NAT)", RFC 4008,
+ DOI 10.17487/RFC4008, March 2005,
+ <http://www.rfc-editor.org/info/rfc4008>.
+
+
+
+
+
+Perreault, et al. Standards Track [Page 61]
+
+RFC 7658 Deprecation of NAT-MIB v1 October 2015
+
+
+ [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet
+ Control Message Protocol (ICMPv6) for the Internet
+ Protocol Version 6 (IPv6) Specification", RFC 4443,
+ DOI 10.17487/RFC4443, March 2006,
+ <http://www.rfc-editor.org/info/rfc4443>.
+
+ [SMI-NUMBERS]
+ IANA, "Structure of Management Information (SMI) Numbers
+ (MIB Module Registrations)",
+ <http://www.iana.org/assignments/smi-numbers>.
+
+Authors' Addresses
+
+ Simon Perreault
+ Jive Communications
+ Quebec, QC
+ Canada
+
+ Email: sperreault@jive.com
+
+
+ Tina Tsou
+ Huawei Technologies
+ Bantian, Longgang District
+ Shenzhen 518129
+ China
+
+ Email: tina.tsou.zouting@huawei.com
+
+
+ Senthil Sivakumar
+ Cisco Systems
+ 7100-8 Kit Creek Road
+ Research Triangle Park, North Carolina 27709
+ United States
+
+ Phone: +1 919 392 5158
+ Email: ssenthil@cisco.com
+
+
+ Tom Taylor
+ PT Taylor Consulting
+ Ottawa
+ Canada
+
+ Email: tom.taylor.stds@gmail.com
+
+
+
+
+
+Perreault, et al. Standards Track [Page 62]
+