Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron,
TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health,
OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in
other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning
any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to
this document at any time, without notice, and assumes no responsibility for its use. This informational document describes
features that may not be currently available. Contact a Brocade sales office for information on feature and product availability.
Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with
respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that
accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other
open source license agreements. To find out which open source software is included in Brocade products, view the licensing
terms applicable to the open source software, and obtain a copy of the programming source code, please visit
http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Corporate and Latin American Headquarters
Brocade Communications Systems, Inc.
130 Holger way
San Jose, CA 95134
Tel: 1-408-333-8000
Fax: 1-408-333-8101
E-mail: info@brocade.com
European Headquarters
Brocade Communications Switzerland Sàrl
Centre Swissair
Tour B - 4è me étage
29, Route de l'Aéroport
Case Postale 105
CH-1215 Genève 15
Switzerland
Tel: +41 22 799 5640
Fax: +41 22 799 5641
E-mail: emea-info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems China HK, Ltd.
No. 1 Guanghua Road
Chao Yang District
Units 2718 and 2818
Beijing 100020, China
Tel: +8610 6588 8888
Fax: +8610 6588 9999
E-mail: china-info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems Co., Ltd. (Shenzhen WFOE)
Citic Plaza
No. 233 Tian He Road North
Unit 1308 – 13th Floor
Guangzhou, China
Tel: +8620 3891 2000
Fax: +8620 3891 2111
E-mail: china-info@brocade.com
Page 3
Document History
TitlePublication numberSummary of changesDate
Brocade 6910 Ethernet Access Switch
MIB Reference
Brocade 6910 Ethernet Access Switch
MIB Reference
Brocade 6910 Ethernet Access Switch
MIB Reference
Brocade 6910 Ethernet Access Switch
MIB Reference
53-1002582-01Added MIB objects for
Brocade 6910 Ethernet
Access Switch Software
Release 2.1.0.2, including
fdryLinkAggregationGroup
LacpTimeout, snTrapSys
MemoryLowThreshold,
sn TrapTem per atu reO K,
snTrapPortSecurityViolation,
snTrapStackingChasPwr
SupplyOK, snTrapStacking
ChasPwrSupplyFailed,
snTrapStackingTemperature
Warning
This section describes text formatting conventions and important notice formats used in this
document.
Text formatting
The narrative-text formatting conventions that are used are as follows:
bold textIdentifies command names
italic textProvides emphasis
code textIdentifies CLI output
Notes
Identifies the names of user-manipulated GUI elements
Identifies keywords
Identifies text to enter at the GUI or CLI
Identifies variables
Identifies document titles
The following notice statements are used in this manual.
A note provides a tip, guidance, or advice, emphasizes important information, or provides a
reference to related information.
An Attention statement indicates potential damage to hardware or data.
Related publications
The following Brocade Communications Systems, Inc. documents supplement the information in
this guide and can be located at http://www.brocade.com/ethernetproducts.
For the latest edition of these documents, which contain the most up-to-date information, see
Product Manuals at http://www.brocade.com/ethernetproducts.
To contact Technical Support, go to http://www.brocade.com/services-support/index.page for the
latest e-mail and telephone contact information.
Document feedback
Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and
completeness of this document. However, if you find an error or an omission, or you think that a
topic needs further development, we want to hear from you. Forward your feedback to:
documentation@brocade.com
Provide the title and version number of the document and as much detail as possible about your
comment, including the topic heading and page number and your suggestions for improvement.
The Management Information Base (MIB) is a database of objects that can be used by a Network
Management System (NMS) to manage and monitor devices on the network. The MIB can be
retrieved by a network management system that uses Simple Network Management Protocol
(SNMP). The MIB structure determines the scope of management access allowed by a device. By
using SNMP, a manager application can issue read or write operations within the scope of the MIB.
Obtaining and installing the Brocade 6910 MIBs
You can obtain the Brocade 6910 MIBs by downloading the file from Brocade Technical Support
site.
Chapter
1Overview of the Brocade 6910 MIB
After obtaining the MIB, follow the instructions for your network management system to be able to
use the MIB with your system.
Downloading the MIB from Technical Support web site
To download the MIB from the Brocade Technical Support Web site, you must have a user name
and password to access the Brocade support site and perform the following.
1. Go to www.brocade.com in your Web browser.
2. Login with your user name and password.
3. Click the downloads tab, then click the Knowledge Portal link.
4. Login to the Knowledge portal, then click the Software tab.
5. Click the product name. Each product release has a link for its corresponding MIB.
6. Navigate to the link for the MIB and either open the file or save it to disk.
Downloading the MIB from Brocade FTP site
You can also download the MIB from the Knowledge Portal. Contact Brocade Technical Support for
details. For the latest edition of this document, which contains the most up-to-date information,
refer to the Product Manuals tab at www.brocade.com.
Importing the Brocade MIB into a UNIX environment
You can import the Brocade 6910 MIB into third-party network management applications, such as
HP OpenView. By default, the Brocade 6910 MIB files are in DOS ASCII format that uses the
following characters:
However, in a UNIX environment, the characters LF are used to indicate the end of a line. No
character indicates the end of a file. Thus, if you need to import the Brocade 6910 MIB into a UNIX
environment, you must use a tool that converts the DOS ASCII into UNIX ASCII, such as the
dos2unix tool.
Reloading MIBs into a third-party NMS
Third party network management systems, such as HP OpenView may have problems reloading
MIB files. Ensure that you must upload the following when reloading the Brocade 6910 MIB:
• Unload the Enterprise MIBs which were installed from the previous upgrade before reloading
any new Enterprise MIB file.
• Unload the Standard MIBs which were installed from the previous upgrade before reloading
any new Standard MIB file.
Standard objects
The Brocade 6910 MIB supports certain standard MIB objects, which are derived from Request for
Comments (RFCs) documents. Refer to Chapter 2, “Supported Standard MIBs” for details on the
supported standard MIBs.
Proprietary objects
Proprietary objects are MIB objects that have been developed specifically to manage the Brocade
6910 switch. This section presents a summarized list of these objects.
Tab le 1 shows the hierarchy of the MIB objects that are proprietary to the Brocade 6910. These
objects may also be referred to as the private (or enterprise) MIBs.
On the MIB tree, the object named “foundry” marks the start of the IronWare MIB objects. The
“foundry” object branches into the “products” branch, which branches further into three major
nodes:
• switch – Includes general SNMP MIB objects and objects related to switching functions.
• router – Contains objects for routing protocols, such as IP, OSPF. (Layer 3 routing protocols will
be supported in a future release.)
Each of these major nodes are further divided into smaller categories.
Tab le 1 contains a summary of the major categories or MIB object groups under each major node.
The MIB object groups can be divided into the individual MIB objects or additional object groups.
The column “Object Group Name” presents the name of the MIB object. The “Object Identifier”
column shows the MIB object’s identifier (OID). In this guide, the IronWare objects are presented
with their object names and object their identifiers (OIDs). As shown in Ta ble 1, OIDs are presented
in the format brcdIp.x.x.x.x, where:
All chapters in this guide contain details about the MIB objects that are in the Brocade 6910 MIB.
Each object is presented with its object name and OID, the access type available for that object (for
example, read-write or read only), and a description. Objects are grouped according to their
function.
The chapter “Traps and Objects to Enable Traps” on page 57 contains both the objects used to
enable a particular type of trap and the objects that are available for a trap type. For example,
objects to enable Layer 4 traps as well as the Layer 4 trap objects are in the chapter.
SNMPv3 support
SNMPv3 engine is supported on the NetIron XMR/MLX. The SNMPv3 engine can accept V1, V2c,
and V3 packet formats.
This section summarizes the standard objects that are supported in the Brocade 6910 MIB. It does
not document all the supported standard objects, but presents those standard MIBs that are not
fully supported.
For example, although RFC1213 is supported in the Brocade 6910 MIB, some groups and tables in
that MIB are not supported. The section “RFC 1213: Management Information Base (MIB-II)” on
page 7 identifies the groups and tables that are supported and the ones not supported.
Registration objects identify the Brocade product that is being managed. The following table
presents the objects for product registration. The sysOID will return one of these values.
This chapter presents the global objects for the general management of a device’s physical
properties, such as the current status of the power supply and fan.
Refer to the configuration guide for details on power supplies, fans, and other features discussed in
this chapter.
Power supply
The following object applies to all devices. Refer to the chapter, “Physical Properties of a Device” on
page 21, for information on power supply traps.
Read onlyShows the average temperature of all sensors in all units. Each
unit is 0.5 degrees Celsius.
Values are from -110 – 250
NOTE: For per-unit (per thermal sensor), see
UnitActualTemperature and snAgentTemp2Value instead.
53-1002582-01
Page 35
Software Image
This chapter describes objects to manage the software image and configuration in a device. Refer
to the configuration guide for detailed explanation on the features discussed in this chapter.
• “Reload” on page 23
• “File download and upload” on page 24
• “Software image details” on page 26
Reload
The following object allows you to reload the agent.
Chapter
5Basic Configuration and Management
Name, Identifier, and SyntaxAccessDescription
snAgReload
brcdIp.1.1.2.1.1
Syntax: Integer
Read-writeReboots the agent.
The following values can only be read:
• other(1) – Agent is in unknown or other state
• running(2) – agent running
• busy(4) – reload not allowed at this time, flash is busy
The following value can be written:
• reset(3) – Do a hard reset
The agent will return a response before the action occurs.
snAgEraseNVRAM
brcdIp.1.1.2.1.2
Syntax: Integer
Read-writeThe following values can only be read:
• normal(1)
• error(2) – Operation failed or the flash is bad
• erasing(4) – agent is erasing NVRAM flash
• busy(5) – operation not allowed at this time, flash is busy.
The following value can be written:
• erase(3) – NVRAM is set to be erased.
The agent will return a response even before the erase is
done.And the value of this object will be erasing(4) until the
erase is done. And the erase request will be rejected until the
value of this object is either normal(1) or error(2).
Read-writeSaves all configuration information to NVRAM of the agent. The
following values can only be read:
• normal(1)
• error(2) – Operation failed or the flash is bad
• writing(4) – Agent is writing NVRAM flash
The following value can be written:
NOTE: write(3) – Write operation. The agent will return a
response even before the write operation is complete. The
read values will be written until the write operation is
finished. New write requests will be rejected until an
error(2) or normal(1) value is obtained.
Read-writeShows the name of the image file, including the path, that is
currently associated with the system. When the object is not used,
the value is a zero length string. It can have up to 127 characters.
Read-writeDownloads or uploads a new software image to the agent.
The following values can be read:
Error values: from normal(1) to operationError(17) and
tftpWrongFileType(23).
loading(18) – Operation is in process.
The following values can be set:
• uploadMPPrimar y(19) – Upload the Startup image from MP
flash to TFTP server.
• downloadMPPrimary(20) – Swaps the roles of the startup
and non-startup images in flash.
• uploadMPSecondary(21) – Upload the Non-Startup image
from MP flash to TFTP server.
• downloadMPSecondary(22) – Download the Non-Startup
image from TFTP server to MP flash.
MP is the management processor.
The image filename is defined in snAgImgFname. The TFTP server
address is defined in snAgTftpServerAddrType and
snAgTftpServerAddr. The write request will be rejected during
loading until error or normal.
Read-writeName of the config file including path currently associated with
the system. When the object is not used, the value is a zero length
string. This object can have up to 127 characters.
Read-writeDownloads or uploads a configuration file to the agent.
Error values: from normal(1) to operationError(17) and
tftpWrongFileType(29).
loading(18) – Operation is in process.
The following values can be set for operations with the TFTP
server:
• uploadFromFlashToServer(20) – Upload the config from
flash to TFTP server.
• downloadToFlashFromServer(21) – Download the config to
flash from TFTP server.
• uploadFromDramToServer(22) – Upload the config from
DRAM to TFTP server.
• downloadToDramFromServer(23) – Download the config to
DRAM from TFTP server.
The config filename is defined in snAgCfgFname.
The TFTP server address is defined in snAgTftpServerAddr.
The write request will be rejected during loading until error or
Read-writeShows the IP address mask of the interface.
Read-writeShows the IP address of the default gateway router.
SNTP server table
These objects provide information on the SNTP server.
In a specific configuration and with IPv4 SNTP servers only, SNMP may stop working when the SNTP
server table is viewed. If this occurs, add rfc4001-inetAddressMIB.mib or rfc4001.mib.
Read-createThis variable is used to create, or delete a row in this table. When
a row in this table is in active(1) state, no objects in that row can
be modified except this object.
When a row in this table is in active(1) state, the switch supports
writing active(1) or destroy(6), the former of which has no effect,
and the latter of which deletes this entry.
N/AThis table lists the information for the media device (SFP, XFP, or
copper) installed in the physical Ethernet port. Only the ifIndices
of Ethernet ports that are associated with the operational cards
are included in this table.
N/AAn entry in the Interface Media Information table. The ifIndex of
the Ethernet interface is used to index this table.
Read onlyThe type of the media installed in the physical port.
This object displays up to 128 characters.
Read onlyThe media vendor name. The full name of the corporation is
displayed. This object displays up to 128 characters.
Read onlyThe media vendor product version number.
This object displays up to 128 characters.
Read onlyThe media vendor part number.
This object displays up to 128 characters.
Read onlyThe vendor serial number of the media device.
Read-writeShows the authentication key as encrypted text.
Write operation can only be done if the SET request uses SNMPv3
with data encrypted using privacy key.
This object can have up to 64 characters as encrypted text.
Read-writeShows the sequence of authentication methods for the RADIUS
server. Each octet represents a method for authenticating the
user at login. Each octet can have one of the following values:
• radius(2) – Authenticate by requesting the RADIUS server
• local(3) – Authenticate by local user account table
• tacplus(5) – Authenticate by requesting TACACS Plus server
Setting a zero length octet string invalidates all previous
authentication methods.
NOTE: snRadiusLoginMethod and snRadiusWebServerMethod
effectively set the same object.
Read-writeShows the sequence of authentication methods. Each octet
represents a method for authenticating the user who is accessing
the Web-server. Each octet can have one of the following values:
• radius(2) – Authenticate by requesting the RADIUS server
• local(3) – Authenticate by local user account table
• tacplus(5) – Authenticate by requesting TACACS Plus server
Setting a zero length octet string invalidates all previous
authentication methods.
NOTE: snRadiusLoginMethod and snRadiusWebServerMethod
effectively set the same object.
RADIUS server table
The following objects provide information on the RADIUS server.
The Terminal Access Controller Access Control System (TACACS) or security protocols can be used
to authenticate the following types of access to devices:
• Telnet access
• SSH access
• Securing Access to Management Functions
• Web management access
• Access to the Privileged EXEC level and CONFIG levels of the CLI
Read-createThe authentication UDP port number.
Default: 1812
Read-createThe account UDP port number.
Default: 1813
Read-createThe authentication key displayed as encrypted text.
Valid values: Up to 64 characters as encrypted text.
Read-createThis variable is used to create, or delete a row in this table. When
a row in this table is in active(1) state, no objects in that row can
be modified except this object.
When a row in this table is in active(1) state, the switch supports
writing active(1) or destroy(6), the former of which has no effect,
and the latter of which deletes this entry.
The TACACS and protocols define how authentication, authorization, and accounting information is
sent between a device and an authentication database on a TACACS server.
The following objects provide information on TACACS authentication.
Read-writeAuthentication key displayed as encrypted text.
Write operation can only be done if the SET request usesSNMPv3
with data encrypted using privacy key.
Valid values: Up to 64 characters as encrypted text.
53-1002582-01
Page 47
TACACS server table
The following objects provide information on the TACACS server.
NoneThe TACACS server table listing the TACACS authentication
servers.
NoneAn entry in the TACACS server table. This table uses a running
index as the index to the table.
NoneThe index to the TACACS server table. Only one TACACS server is
supported.
Read-create
Read-createThe TACACS server IP address.
Read-createThe UDP port used for authentication.
Read-createThe authentication key displayed as encrypted text.
Read-createThis variable is used to create, or delete a row in this table. When
The RADIUS server IP address type – ipv4(1)
Default: 49
Valid values: Up to 64 characters as encrypted text.
a row in this table is in active(1) state, no objects in that row can
be modified except this object.
When a row in this table is in active(1) state, the switch supports
writing active(1) or destroy(6), the former of which has no effect,
and the latter of which deletes this entry.
This chapter presents the SNMP MIB objects for various traffic security features such as Dynamic
ARP Inspections, DHCP Snooping, and IP Source Guard.
Dynamic ARP Inspection VLAN configuration table
Dynamic ARP Inspection (DAI) is a security mechanism which validates all ARP packets in a subnet
and discard those packets with invalid IP to MAC address bindings. To configure the feature using
SNMP MIB objects, do the following:
1. Enable DAI on a VLAN
DAI on a VLAN is disabled by default. To enable DAI on an existing VLAN, set the object
fdryDaiVlanDynArpInspEnable in the fdryDaiVlanConfigTable to true. Set it to false to disable it.
2. Enable trust on a port
Chapter
8Traffic Security
The default trust setting for a port is untrusted. To enable trust on a port, set the object
fdryDaiIfTrustValue in the fdryDaiIfConfigTable to true. Set it to false to disable trust on a port.
3. Configure a DAI ARP entry
To configure a DAI ARP entry, set the fdryDaiArpInspectIpAddr, fdryDaiArpInspectMacAddr and
fdryDaiArpInspectRowStatus (value as createAndGo) in the fdryDaiArpInspectTable. This table
displays all DAI entries. A row instance contains the configuration to map a device IP address
with its MAC address and its type, state, age and port.
N/AThis table allows you to configure the trust state for
N/AA row in the fdryDaiConfigTable. Each row contains the
Read-writeThis object indicates whether the interface is trusted
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol (DHCP) snooping enables the device to filter untrusted DHCP
packets in a subnet. DHCP snooping can prevent man-in-the-middle (MiM) attacks, such as a
malicious user who is posing as a DHCP server and is sending false DHCP server reply packets with
the intention of misdirecting other users. It can also stop unauthorized DHCP servers and prevent
errors due to misconfiguration of DHCP servers.
SNMP DHCP snooping MIB objects describes how to configure the DHCP snooping feature using
SNMP. It consists of the following:
Dynamic ARP Inspection at each physical interface.
configuration to enable or disable the trust state for
Dynamic ARP Inspection at each physical interface
capable of this feature.
for Dynamic ARP Inspection.
If this object is set to 'true', the interface is trusted. ARP
packets coming to this interface will be forwarded
without being checked.
If this object is set to “false”, the interface is not
trusted. ARP packets received on this interface will be
subjected to ARP inspection.
• fdryDhcpSnoopGlobalClearOper: A scalar used to clear all entries in the DHCP binding
database
• fdryDhcpSnoopVlanConfigTable: A table that provides the mechanism to control DHCP
snooping per VLAN. When a VLAN is created on a device that supports this table, a
corresponding entry of this table will be added.
• fdryDhcpSnoopIfConfigTable: A table that provides the mechanism to configure the trust state
for DHCP snooping at each physical interface.
• fdryDhcpSnoopBindTable: A table that provides the information for DHCP snooping binding
database learned by the device. The DHCP binding database is integrated with the enhanced
ARP table. It contains the information of a DHCP entry, such as IP address, MAC address, type,
state, port, VLAN ID, and lease time. (To be provided at a later date.)
N/AThis table allows you to configure the trust state for
DHCP Snooping at each physical interface.
N/AA row instance contains the configuration to enable or
disable the trust state for DHCP Snooping at each
physical interface capable of this feature. It is indexed
by the ifIndex.
Read-writeThis object indicates whether the interface is trusted
for DHCP Snooping.
If this object is set to “true”, the interface is trusted.
DHCP packets coming to this interface will be
forwarded without checking.
If this object is set to “false”, the interface is not
trusted. DHCP packets received on this interface will be
subjected to DHCP checks.
Page 56
IP Source Guard
IP Source Guard
IP Source Guard is a security feature that restricts IP traffic on untrusted ports. IP Source Guard
filters traffic based on the DHCP snooping binding database or the manually configured IP source
bindings.
When IP Source Guard is first enabled, only DHCP packets are allowed and all IP traffic is blocked.
When the system learns a valid IP address, IP Source Guard then allows IP traffic. Only the traffic
with valid source IP addresses is permitted.
SNMP IP Source Guard MIB objects manage information for the configuration of the IP Source
Guard feature. There are three tables for IP Source Guard:
• fdryIpSrcGuardIfConfigTable - enables or disables IP Source Guard on each physical interface.
• fdryIpSrcGuardPortVlanConfigTable - enables or disables IP Source Guard on a port on a VLAN.
(Not provided by this switch.)
• fdryIpSrcGuardBindTable - provides the IP addresses used for IP Source Guard purposes at
each physical interface, with or without specific VLAN memberships. (To be provided at a later
date.)
N/AThis table enables or disables IP Source Guard on each
physical interface.
N/AA row indicates if IP Source Guard is enabled or
disabled on each physical interface. It is indexed by
ifIndex.
Read-writeThis object indicates whether IP Source Guard is
enabled on this interface.
If this object is set to “true”, IP Source Guard is
enabled. Traffic coming to this interface will be
forwarded if it is from the list of IP addresses obtained
from DHCP snooping. Otherwise it is denied.
If this object is set to “false”, IP Source Guard is
disabled.
This chapter presents the objects used to define interfaces on a device. Refer to the configuration
guide for details on the features discussed in this chapter.
The following table contains information about the switch port groups.
Switch port information group
The snSwIfInfoTable contains information about the switch port groups.
N/AAn entry in the snSwIfInfo table indicates the configuration for a
specified port.
Read onlyShows the port or interface index.
Read-writeIndicates if the port has an 802.1Q tag:
• tagged(1) – Ports can have multiple VLAN IDs since these
ports can be members of more than one VLAN.
• untagged(2) – There is only one VLAN ID per port.
• dual(3) – Ports can have multiple VLANs per port.
Read-writeIndicates if the port operates in half- or full-duplex mode:
• halfDuplex(1) – Half duplex mode.
• fullDuplex(2) – Full duplex mode. 100BaseFx, 1000BaseSx,
and 1000BaseLx ports operate only at fullDuplex(2).
The read-back channel status from hardware can be:
• halfDuplex(1) – Half duplex mode.
• fullDuplex(2) – Full duplex mode.
The port media type (expansion or regular) and port link type
(trunk or feeder) determine whether this object can be written
andthe value of this object.
Note that “writing” this variable writes the forced-mode
configuration, which is used when autonegotiation is disabled,
and has nothing to do with the current operation mode when
autonegotiation is enabled.
Read-writeIndicates the speed configuration for a port:
• s10M(2) – 10Mbits per second.
• s100M(3) – 100Mbits per second.
The read-back hardware status are the following:
• s10M(2) – 10Mbits per second.
• s100M(3) – 100Mbits per second.
• s1G(4) – 1Gbits per second.
The port media type (expansion or regular) and port link type
(trunk or feeder) determine whether this object can be written
and the valid values for this object.
Note that “writing” this variable writes the forced-mode
configuration, which is used when autonegotiation is disabled,
and has nothing to do with the current operation mode when
autonegotiation is enabled.
Read onlyShows the media type for the port:
• other(1) – other or unknown media.
• m100BaseTX(2) – 100Mbits per second copper.
• m100BaseFX(3) – 100Mbits per second fiber.
• m1000BaseTX(7) – 1Gbits per second copper.
Read onlyShows the type of connector that the port offers:
• other(1) – Other or unknown connector
• copper(2) – Copper connector
• fiber(3) – Fiber connector
This describes the physical connector type
Read-writeIndicates if STP is enabled for the port:
• disabled(0)
• enabled(1)
Refer to the document IEEE 802.1D-1990: Section 4.5.5.2,
dot1dStpPortEnable.
Read-writeApplies only to Gigabit Ethernet ports.
Indicates if auto-negotiation mode is enabled on the port.
• disable(0) – The port will be placed in non-negotiation mode.
• enable(1) – The port will start auto-negotiation indefinitely
until it succeeds.
Default: enable(1)
Read-writeIndicates if port flow control is enabled:
• disable(0)
• enable(1)
Default: enabled(1)
Read onlyApplies only to Gigabit Ethernet ports.
Shows the media type for the port:
• m1000BaseSX(0) – 1-Gbps fiber, with a short wavelength
transceiver
• m1000BaseLX(1) – 1-Gbps fiber, with a long wavelength
transceiver (3km)
• m1000BaseTX(5) – 1-Gbps copper (100meter).
• notApplicable(255) – a non-gigabit port.
Read-writeIndicates if fast span is enabled on the port.
Read/create Displays the LinkAggregationGroup type.
Read/createDisplays a list of interface indices which are the port
Read/create The LACP timeout value this LACP LAG will use.
Read onlyAfter a LAG is deployed, this object dIsplays information
Read onlyDisplays the number of member ports belong to this
• GBIC(1) – GBIC
• miniGBIC(2) – MiniGBIC
• empty(3) – GBIC is missing
• other(4) – Not a removable Gigabit port
interface.
Possible Values:
• static(1)
• dynamic(2)
membership of a trunk group. Each interface index is a
32-bit integer in big endian order.
NOTE: This object accepts 32-bit integer only.
for the LAG entry in the ifTable. Use this variable to
access the entry in the ifTable and ifXTable. Zero is
returned for LAGs that have not been deployed.
Read/create This variable is used to create or delete a trunk whose
fdryLinkAggregationGroupType(2) is static(1). Set this
to active(1) to create, and set this to notInService(2) to
delete.
However, reading this as active(1) may mean a link
aggregation whose fdryLinkAggregationGroupType(2) is
static(1) or dynamic(2).
Read onlyThe numeric identifier assigned to this LAG.
Read onlyThe statistics collection of utilization of the CPU in the device.
Read onlyShows CPU utilization every 5 seconds.
Read onlyShows CPU utilization every one minute.
System DRAM information group
This group displays memory utilization statistics for protocols that use dynamic memory allocation.
It shows the same information that a show memory command displays.
Read onlyThe total number of ARP packets received from the interfaces,
including those received in error.
Read onlyThe total number of input ARP request packets received from
the interfaces.
Read onlyThe total number of output ARP request packets sent from the
interfaces.
Read onlyThe total number of output ARP reply packets sent from the
interfaces.
N/AThis table lists the instrumented parameters of all optical
interfaces.
N/AThe snIfOpticalMonitoringInfoEntry specifies the optical
parameters of the specified interface. Only the ifIndices of
optical interfaces whose parameters need to be monitored
will be used to index this table.
Read onlyThis object holds the value of the transmitter laser diode
temperature for the interface. This object indicates the
health of the transmitter.
The format is [-]xxx.yyyy C(elsius), followed by whether the
measured value is normal, high/low alarm or high/low
warning.
Read onlyThis object holds the value of the transmitter optical signal
power for the interface, measured in dBm, followed by
whether this is a normal value, or high/low warning or alarm.
Read onlyThis object holds the value of the receiver optical signal
power for the interface, measured in dBm, followed by
whether this is a normal value, or high/low warning or alarm.
Read onlyTx Bias Current. It is measured in mA, and is followed by
whether this is a normal value, or high/low warning or alarm.
The objects in this section manage system logging functions (Syslog) using SNMP.
System log server table
The System Log (Syslog) Server Table shows which servers will receive Syslog messages. Every
server in this table will receive all Syslog messages.
Name, Identifier, and SyntaxAccessDescription
System logging
brcdSysLogServerTable
brcdIp.1.1.11.1.1.1
brcdSysLogServerEntry
brcdIp.1.1.11.1.1.1.1
brcdSysLogServerAddrType
brcdIp.1.1.11.1.1.1.1.1
brcdSysLogServerAddr
brcdIp.1.1.11.1.1.1.1.2
brcdSysLogServerUDPPort
brcdIp.1.1.11.1.1.1.1.3
brcdSysLogServerRowStatus
brcdIp.1.1.11.1.1.1.1.5
N/ASystem Log Server Table
N/AA row in the System Log Server table
N/AThe System Log server address type. The supported address
types are:
• ipv4(1)
• ipv6(2)
• ipv6z(4)
Default: IPv4
N/AIP address of System Log server.
N/AUDP port number of the System Log server.
Read/create Controls the management of the table rows.
Setting this object to createAndGo(4) adds new row. Setting
this object to destroy(6) deletes a row. The value active(1) is
returned for get and get-next requests.
NoneAn entry in the Trap Receiver Table. This table uses a running
index as the index to the table.
Reasons to use the running index scheme rather than IP
addresses:
1The table will be Virtual Routing and Forwarding (VRF)
independent so that multiple VRFs can share the same
address type and address.
2An index with address type and address could be
potentially 17 unsigned integers, causing parsing and
finding the next index to take much CPU time. The PDU
gets to be huge too.
3An IP address is just another attribute, and they are
supposed to be a list of servers.
NoneThe index to the Trap Receiver Table.
Read-create Trap Receiver IP address Type. Supported address types are:
Read-create The IP address of the SNMP manager that will receive the trap.
Read-create The community string to use to access the trap receiver. This
object can have up to 32 octets. In the case of USM (SNMPv3)
security model, this object is used to provide the security name.
Writing a null string sets the name to “public”.
Read-create The UPD port number of the trap receiver.
Valid value: 0 – 65535
Default: 162
Read-create The version of trap format to be used.
Default: v1
Read-create Used for USM (SNMPv3) security model to specify the level of
security. The security name is provided by
fdryTrapReceiverCommunityOrSecurityName.
Default: noAuth
Read-create This variable is used to create, or delete a row in this table.
When a row in this table is in active(1) state, no objects in that
row can be modified except this object.
When a row in this table is in active(1) state, the switch
supports writing active(1) or destroy(6), the former of which has
no effect, and the latter of which deletes this entry.
Standard traps
This section present the standard traps supported on devices.
System status traps
Brocade supports the following traps from RFC 1215:
Trap Name and NumberVarbindDescription
coldStart
1.3.6.1.6.3.1.1.5.1
warmStar t
1.3.6.1.6.3.1.1.5.2
authenticationFailure
1.3.6.1.6.3.1.1.5.5
(None)Indicates that the sending protocol entity is re-initializing itself: the
agent's configuration or the protocol entity implementation may
be altered.
(None)Indicates that the sending protocol entity is re-initializing itself;
however, the agent configuration nor the protocol entity
implementation is not altered.
(None)Indicates that the sending protocol entity is the addressee of a
protocol message that is not properly authenticated. While
implementations of the SNMP must be capable of generating this
trap, they must also be capable of suppressing the emission of
such traps through an implementation-specific mechanism.
Brocade supports the following traps from RFC 2863:
Trap Name and NumberVarbindDescription
Standard traps
linkDown
1.3.6.1.6.3.1.1.5.3
linkUp
1.3.6.1.6.3.1.1.5.4
ifIndex(1)
ifAdminStatus(7)
ifOperStatus(8)
ifIndex(1)
ifAdminStatus(7)
ifOperStatus(8)
A failure in one of the communication links.
For example,
Interface <port-name> <port-num>, state down
The communication link is up.
For example,
Interface <port-name> <port-num>, state up
Traps for spanning tree protocol
Brocade supports for the following traps for Spanning Tree Protocol from RFC 1493.
Trap Name and NumberDescription
newRoot
1.3.6.1.2.1.17.0.1
topologyChange
1.3.6.1.2.1.17.0.2
Indicates that the sending agent has become the new root of the Spanning
Tree. The trap is sent by a bridge soon after its election as the new root, for
example, upon expiration of the Topology Change Timer immediately
subsequent to its election.
Is sent by a bridge when any of its configured ports transitions from the
Learning state to the Forwarding state, or from the Forwarding state to the
Blocking state. The trap is not sent if a newRoot trap is sent for the same
transition.
Traps for RMON events
Brocade supports for the following traps for RMON from RFC 2819.
Trap Name and NumberVarbindDescription
risingAlarm
1.3.6.1.2.1.16.0.1
fallingAlarm
1.3.6.1.2.1.16.0.2
alarmIndex,
alarmVariable,
a l ar m S am p l e Ty p e,
alarmValue,
alarmRisingThreshold
alarmIndex,
alarmVariable,
a l ar m S am p l e Ty p e,
alarmValue,
alarmFallingThreshold
The SNMP trap that is generated when an alarm entry
crosses its rising threshold and generates an event that is
configured for sending SNMP traps.
The SNMP trap that is generated when an alarm entry
crosses its falling threshold and generates an event that is
This section presents the IronWare traps supported on devices running IronWare software.
The Traps in the IronWare MIBs include the following lines in their description:
--#TYPE "Brocade Trap: Power Supply Failure"
--#SUMMARY "Power supply fails, error status %d."
--#ARGUMENTS { 0 }
--#SEVERITY MINOR
--#STATE OPERATIONAL
These lines are used by the HP OpenView network management system.
General traps
The table below lists the general traps generated by devices. Refer to the previous sections in this
chapter to determine if traps for a feature need to be enabled.
Trap Name and NumberVarbindSeverityDescription
snTrapUserLogin
brcdIp.0.75
snTrapUserLogout
brcdIp.0.76
snTrapClientLoginReject
brcdIp.0.110
snAgGblTrapMessage Informational The SNMP trap that is generated
when a user logs in to a device.
Sample Trap Message:
Security: telnet login
from src IP 10.37.21.63 to
USER EXEC mode.
snAgGblTrapMessage Informational The SNMP trap that is generated
when a user logs out of a device.
Sample Trap Message:
Security: telnet logout
from src IP 10.37.21.63
from USER EXEC mode.
snAgGblTrapMessageInformational The SNMP trap that is generated
when a login attempt by a telnet or
SSH client fails.
Format:
Security: {snmp | ssh|telnet| web}
access [by user <name>] from src [IP
<ipv4> | IPv6 <ipv6>] rejected, <n>
attempts
snAgGblTrapMessageInformational The SNMP trap that is generated
when memory utilization reaches the
memory rising threshold (set by the
CLI memory command).
snAgGblTrapMessageInformational The SNMP trap that is generated
when the actual temperature reading
falls from the rising threshold and
reaches the falling threshold.
Sample Trap Message:
System: Stack unit
<unitNumber> temperature
<actual-temp> C degrees is
normal
Port security traps
The Port Security feature enables a device to learn a limited number of “secure” MAC addresses on
an interface. The interface will forward only those packets with source MAC addresses that match
these secure addresses. If the interface receives MAC addresses that are included in its secure
MAC list, the device generates the following traps:
These traps appy to ports that have the Port Security feature enabled.
Trap Name and NumberVarbindSeverityDescription
snTrapPortSecurityViolation
brcdIp.0.77
snAgGblTrapMessage Minor The SNMP trap that is generated
when insecure MAC addressesare
received from a port with MAC
security feature enabled.
Sample Trap Message:
Brocade Trap: Port
Security Violation
Traps for stacking
Brocade supports for the following traps for stacking.
when a power supply operational
status changed from normal to
failure for a stacking system.
Sample Trap Message
System: Stack unit
<unitNumber>
Power supply
<snChasPwrSupplyIndex> is
down
CriticalThe SNMP trap that is generated
when the actual temperature
reading rises from the falling
threshold and reaches the rising
threshold.
Sample Trap Message
System: Stack unit
<unitNumber> Temperature
<actual-temp> C degrees,
warning level
<warning-temp> C degrees
RMON event traps
The following is an example of how to generate an SNMP trap for an RMON event.
If you want to configure a device to send an SNMP trap when the number of broadcast packets
exceeds 100, do the following:
1. Configure an RMON alarm with an ID of 1 that checks etherStatsBroadcastPkts for Port 1 every
15 seconds to see if it exceeds a specified delta threshold (i.e., a change compared to the last
reading). In every sample, check if etherStatsBroadcastPkts exceeds 100 packets compared to
the last measurement. If it does, send an event (id 1) with “Tom” as the owner name. The event
trigger is re-armed, when the falling-threshold value falls below 30 packets since the last
reading.
rising-threshold 100 1 falling-threshold 80 1 owner Tom
The rising and the falling thresholds are used for the presence and absence of one specific
condition, with an oscillation buffer in between (e.g. warning versus no warning, not opposite
events like “too much” and “too little”), and should be near each other to be meaningful. The
data monitored may oscillate between these thresholds over time, triggering multiple events,
e.g. when using the settings of 100 and 80 as in the preceding example.
2. Configure an RMON event with an ID of 1, which sends an send a SNMP trap that contains the
community string “public”, some description, and owner Tom whenever broadcasts exceed
100 packets.
Console(config)#rmon event 1 trap public description broadcast_above_100 owner