CISCO-CATOS-ACL-QOS-MIB Download

MIBs list

This MIB module is for Access Control Lists(ACLs) configuration of Quality of Service (QoS) as well as Security feature on Cisco Catalyst 5000/6000 series switch running CatOS.

IPHost Network Monitor offer an easy way of SNMP monitoring your Cisco Servers, Routers, Switches, Bridges, Firewalls, Repeaters.

OID list for CISCO-CATOS-ACL-QOS-MIB

caqCosToDscpTable: This table contains the mapping of Cos values to DSCP values. This map is used to associate the Cos of packets arriving at a port to a DSCP where the port's trust state is trustCoS(2). This map is a table of eight Cos values (0 through 7) and their corres ...
caqCosToDscpEntry: Each row contains the mapping from a CoS value to a DSCP value.
caqCosToDscpCos: The CoS value being mapped to the DSCP value in this device.
caqCosToDscpDscp: The DSCP value which the CoS value maps to. The default configuration is : CoS DSCP 0 0 1 8 2 16 3 24 4 32 5 40 6 48 7 56 .
caqIpPrecToDscpTable: This table contains the mapping of IP Precedence to DSCP. This map is used to associate the IP Precedence of IP packets arriving at a port to a DSCP where the port's trust state is trustIpPrec(3). This map is a table of eight IpPrecedence values (0 throu ...
caqIpPrecToDscpEntry: Each row contains the mapping from an IP Precedence value to a DSCP value.
caqIpPrecToDscpIpPrec: The IP Precedence value being mapped to the DSCP value in this device.
caqIpPrecToDscpDscp: The DSCP value which the IP Precedence value maps to. The default configuration is the identity function : IPPrec DSCP 0 0 1 8 2 16 3 24 4 32 5 40 6 48 7 56 .
caqDscpMappingTable: This table always has 64 entries, one for each DSCP value. The table contains three mappings from the DSCP value assigned to a packet. One mapping is to the egress CoS to be stored in the layer-2 frame headers for output on 802.1Q or ISL interfaces. The o ...
caqDscpMappingEntry: Each row contains the mapping from DSCP value to CoS value and policed DSCP.
caqDscpMappingDscp: The DSCP value being mapped to the CoS value and policed DSCP value in this device.
caqDscpMappingCos: The CoS value which the DSCP values maps to. The default configuration is calculated from the formula CoS = DSCP divide by 8. That is: DSCP 0-7 all map to CoS 0; DSCP 8-15 all map to CoS 1; ... DSCP 32-39 all map to CoS 4; ... DSCP 56-63 all map to CoS 7.
caqDscpMappingNRPolicedDscp: The normal rate policed DSCP value which the DSCP values maps to. The normal rate default mapping of DSCP to 'marked down' DSCP is the identity function. That is: 63 -> 63 62 -> 62 ... 31 -> 31 ... 2 -> 2 1 -> 1 0 -> 0.
caqDscpMappingERPolicedDscp: The excess rate policed DSCP value which the DSCP values maps to. If the value of caqFlowPolicerExcessRateSupport object is false(2), this object cannot be instantiated. The excess rate default DSCP mapping of DSCP to 'marked down' DSCP is the identity fu ...
caqCosAssignmentTable: This table provides the information for and configuration of assigning packets to queues and thresholds based on their CoS value.
caqCosAssignmentEntry: The assignment of packets to a pair of queue and threshold based on their Cos value. The packets assignment also depends on port types. For each port type, there is a set of Cos value (0..7) associated with a pair of queue number and threshold number (q,t ...
caqCosAssignQueueType: The queue type of this interface.
caqCosAssignCos: Indicates the Cos value which is used to match the Cos value of packets for queue assignment.
caqCosAssignQueueNumber: The queue number which the Cos value denoted by caqCosAssignCos will be associated with. This queue number must not larger than the queue count defined by caqCosAssignQueueType.
caqCosAssignThresholdNumber: The threshold number which the Cos value denoted by caqCosAssignCos will be associated with. This threshold number must not larger than the threshold count defined by caqCosAssignQueueType.
caqQueueThresholdTable: This table maintains threshold parameters for the specified queue number and threshold number of a port type.
caqQueueThresholdEntry: For each threshold of a queue, there are parameters to set on the threshold. This entry contains the parameters.
caqQueueThreshQueueType: Indicates the queue type.
caqQueueThreshQueueIndex: Indicates queue number. This queue number must not be larger than the queue count defined by caqQueueThreshQueueType.
caqQueueThreshThresholdIndex: Indicates threshold number. This threshold number must not be larger than the threshold count defined by caqQueueThreshQueueType.
caqQueueThreshDropAlgorithm: Indicates the drop algorithm used at this queue and threshold. tailDrop(1) indicates that tailDrop is used. wred(2) indicates that WRED is used.
caqQueueThreshDropThreshold: This object specifies the drop threshold parameter for a pair of queue and threshold of an interface queue type when the drop algorithm is tail drop. Once the packets in the buffer is more than the value of this object, the incoming packets of the buffer ...
caqQueueThreshMinWredThreshold: This object specifies the min WRED threshold parameter of a threshold number for the specific port type when WRED drop algorithm is used. WRED (Weighted Random Early Detect) is a mechanism which drops packets fairly during congestion so that adaptive appl ...
caqQueueThreshMaxWredThreshold: This object specifies the max WRED threshold parameter of a threshold number for the specific port type when WRED drop algorithm is used. This object is instantiated only if the value of caqQueueThreshDropAlgorithm is wred(2).
caqQueueTable: A table used to configure the WRR (weighted round robin) weights for queues and the ratio of memory buffer allocation for each queue. It only contains entries for the specific port types which supports either WRR or buffer allocation.
caqQueueEntry: A set of WRR weight and memory buffer allocation ratio for ingress or egress of a specific queue.
caqQueueDirection: Indicates whether this row's queue parameters are to be applied for ingress or for egress traffic.
caqQueueType: Indicates the queue type.
caqQueueNumber: Indicates queue number.
caqQueueWrrWeight: This object is to configure the weight for the specified queue type and for the specified direction.
caqQueueBufferSizeRatio: Indicates the percentage of ingress or egress packet buffer memory allocated to the specified queue.
caqDscpMutationMapTable: The table provides the DSCP mutation mapping configuration on the device. This table is only instantiated if DSCP Mutation is supported by the device.
caqDscpMutationMapEntry: Each row contains the mapping from old DSCP value to new DSCP value per specific mutation table.
caqDscpMutationTableId: The mutation table ID number.
caqDscpMutationOldDscp: The old DSCP value.
caqDscpMutationNewDscp: The new DSCP value which the old DSCP values maps to for a specific mutation table. The default mapping of old DSCP to new DSCP for mutation purpose is the identity function. That is: 63 -> 63 62 -> 62 ... 31 -> 31 ... 2 -> 2 1 -> 1 0 -> 0.
caqVlanMutationIdMapTable: The table provides the VLAN to mutation table mapping configuration on the device. This table is only instantiated if DSCP Mutation is supported by the device.
caqVlanMutationIdMapEntry: When the first time a VLAN is created in a device supporting this table, a corresponding entry of this table will be added. The value of caqVlanMutationTableId object in such row will be initialized to 0.
caqVlanMutationIndex: Indicates the VLAN number.
caqVlanMutationTableId: Indicates the mutation table ID number. The value of this object should match one of caqDscpMutationTableId object value in caqDscpMutationMapTable. Mutation table 0 always provides the identity mapping.
caqDscpRewriteEnabled: Indicates whether DSCP rewrite is enabled or disabled in the device. if true(1), all outgoing packets will have their DSCP value rewrited based on the result of classification, policing or DSCP mutation configured in the device. if false(2), all outgoing ...
caqMacPktClassifyVlansLow: A string of octets containing one bit per VLAN for VLANs with VlanIndex value of 0 to 2047. The first octet corresponds to VLANs with VlanIndex values of 0 through 7; the second octet to VLANs 8 through 15; etc. The most significant bit of each octet cor ...
caqMacPktClassifyVlansHigh: A string of octets containing one bit per VLAN for VLANs with VlanIndex value of 2048 to 4095. The first octet corresponds to VLANs with VlanIndex values of 2048 through 2055; the second octet to VLANs 2056 through 2063; etc. The most significant bit of ...
caqIfConfigTable: This table describes the trust state and the default Cos value configured at each physical interface. It also indicates whether an ACL attached to a Qos capable physical interface is applied per VLAN or per physical interface if the platform supports ACL ...
caqIfConfigEntry: The index of this table is the ifIndex of a physical port with QoS capability.
caqIfCos: This object indicates the default Cos value configured at this physical interface. This default value will be assigned to packet which does not have a Cos value in its layer-2 header when the packet arrives at this interface.
caqIfTrustStateConfig: This object is used to set the trust state of an interface. (whether the packets arriving at an interface are trusted to carry the correct data for classification.) If the object is untrusted(1), then the DSCP assigned to the packet is the DSCP specified ...
caqIfAclBase: For a given physical interface, this object indicates whether packets arriving at that interface are classified and policed based on port's ACL or based on the ACL of the VLAN which the port belongs to. This object is only instantiated if the platform sup ...
caqIfTrustDevice: For a given physical interface, this object indicates the restriction on trusting only a specific type of device which is connected to this interface to carry the correct data for classification. trustCiscoIPPhone(0) indicates that there is a restriction ...
caqIfOperTrustState: This object is used to indicate the operational trust state of an interface. The operational trust state may or may not be identical to the config trust state denoted by caqIfTrustStateConfig. The value of this object depends on the runtime conditions suc ...
caqClassifierTable: This table identifies which ACLs are in use on which interfaces. Some devices may impose constraints on the number of ACLs that can be attached to each interface; for example a constraint that at most three Qos ACLs, one for each type: IP, IPX and MAC, an ...
caqClassifierEntry: An entry identifies that a particular ACL is in use on a particular interface. An interface can be a physical port or a VLAN.
caqClassifierAclType: Indicates the type of ACL attached to this interface. ipQos(1) indicates that this ACL is an IP Qos ACL. ipxQos(2) indicates that this ACL is an IPX Qos ACL. macQos(3) indicates that this ACL is a MAC Qos ACL. ipSecurity(4) indicates that this ACL is an I ...
caqClassifierAclName: Indicates the ACL name which should exist in the ACL tables e.g. in caqIpAceTable. This ACL can be a Qos ACL or a Security ACL.
caqClassifierMapStatus: The status of this classifier conceptual row entry. An entry may not exist in the active state unless the ACL name denoted by caqClassifierAclName object in the entry exist and active (i.e. its RowStatus object is active(1)) in an ACL table. Once a row be ...
caqClassifierMapDirection: Indicates whether this ACL are to be attached to ingress or egress direction.
caqIfSecurityAclConfigTable: A list of the interfaces which support the security ACL feature.
caqIfSecurityAclConfigEntry: An entry contains configuration information about a security ACL mapped to a interface which is capable for this feature.
caqIfSecurityAclBase: The security ACL configuration mode for an interface. Setting this variable to the value port(1) will cause the packets (L3 forwarded packets and L2 packets) arriving at that interface to be filtered based on the ACL mapped to that interface. Setting this ...
caqIpOperClassifierTable: This table identifies which operational IP ACLs are in use on which interfaces.
caqIpOperClassifierEntry: An entry in this table identifies operational IP ACLs that are currently in use on a particular interface. An interface can be a physical port or a VLAN.
caqIpOperAclFeature: An index indicates the feature to which the operational IP ACLs mapped at this interface are applied. 'ingressIpQos' indicates the ACL mapped at this interface is used to classify ingress IP traffic for QoS feature. 'egressIpQos' indicates the ACL mapped ...
caqIpOperAclName: This object indicates the name of an operational IP ACL which is mapped at this interface to classify IP traffic for feature denoted by caqIpOperAclFeature object.
caqIpOperAclMapSource: This object indicates the sources that map the operational IP ACLs at this interface. 'configured' indicates that the ACL mapping is introduced by manual configuration through CLI or an NMS application. 'dot1x' indicates that the ACL mapping is introduced ...
caqDownloadClassifierTable: This table identifies ACLs assignment to capable interface which is downloaded using different security features.
caqDownloadClassifierEntry: An entry identifies ACLs assignment on a capable physical interface.
caqDownloadAclFeature: This object indicates the feature that ACLs mapped at this interface is used for. 'ingressIpQos' indicates the ACL mapped at this interface is used to classify ingress IP traffic for QoS feature. 'egressIpQos' indicates the ACL mapped at this interface is ...
caqDownloadClassifierAclName: This object indicates the ACL name mapped to this interface to classify traffic for a specific feature denoted by the corresponding caqDownloadAclFeature.
caqDownloadMapSource: This object indicates the source that maps the ACLs at this interface. 'dot1x' indicates that the ACL mapping is introduced by the operation of 802.1x feature. 'macAuth' indicates that the ACL mapping is introduced by the operation of Mac Authentication B ...
caqDownloadAclType: This object indicates the type of the ACL. 'pacl' indicates this is a port-based ACL. 'vacl' indicates this is a VLAN-based ACL.
caqAclCapabilities: Indicates what ACL capabilities are supported on the device. An ACL belongs to one of the following types: IP, IPX and MAC. Furthermore, an ACL can be used for either QoS or Security feature. If ipQos(0) bit is turned on, caqIpAceTable can be instantiated ...
caqIpAceTable: This table contains a list of IP ACEs. Each ACE consists of a filter specification and behavior associated with it which describes what action to carry out on packets which match. An ACL is defined as the set of ACEs of the same type (all QoS, or all Secu ...
caqIpAceEntry: An entry defines an ACE, consisting of a set of match criteria. For a packet to match an entry, it has to match all the criteria specified in that entry.
caqIpAceFeature: Indicates whether this entry is a Qos ACL or Security ACL. ACEs belongs to the same ACL should have the same value for this object.
caqIpAclName: The name of an ACL. Within a feature (qos or security), the name is unique across all of the ACL tables that identifies the list to which the entry belongs in the device.
caqIpAceIndex: The index of an ACE within an ACL.
caqIpAceMatchedAction: Indicates the action to be taken if a packet matches this ACE. If the value of this ACE's caqIpAceFeature object is: 'qos(1)', then this object contains the index of an active row in caqQosActionSelectTable. If the value of this ACE's caqIpAceFeature obj ...
caqIpAceProtocolType: The protocol number field in the IP header used to indicate the higher layer protocol as specified in RFC 1700. A value value of 0 matches every IP packet. For example : 0 is IP, 1 is ICMP, 2 is IGMP, 4 is IP in IP encapsulation, 6 is TCP, 9 is IGRP, 17 i ...
caqIpAceAddrType: The type of IP address used by this ACE entry.
caqIpAceSrcIp: The specified source IP address. The packet's source address is AND-ed with the value of caqIpAceSrcIpMask and then compared against the value of this object. If this object value is 0.0.0.0, and the value of caqIpAceSrcIpMask object in the same entry is ...
caqIpAceSrcIpMask: The specified source IP address mask.
caqIpAceSrcPortOp: Indicates how a packet's source TCP/UDP port number is to be compared. If the caqIpAceProtocolType object in the same row does not indicate TCP or UDP, this object has to be 'noOperator(1)' and cannot be changed while this row is active, i.e., the value o ...
caqIpAceSrcPort: The source port number of the TCP or UDP protocol. If the caqIpAceSrcPortOp object in the same row is range(6), this object will be the starting port number of the port range. This object cannot be configured if caqIpAceStatus in the same row is active(1) ...
caqIpAceSrcPortRange: The source port number of the TCP or UDP protocol. If the caqIpAceSrcPortOp object in the same row is range(6), this object will be the ending port number of the port range. This object cannot be configured if caqIpAceStatus in the same row is active(1) o ...
caqIpAceDestIp: The specified destination IP address. The packet's destination address is AND-ed with the value of caqIpAceDestIpMask and then compared against the value of this object. If this object value is 0.0.0.0 and the value of caqIpAceDestIpMask object in the sam ...
caqIpAceDestIpMask: The specified destination IP address mask.
caqIpAceDestPortOp: Indicates how a packet's destination TCP/UDP port number is to be compared. If the caqIpAceProtocolType object in the same row does not indicate TCP or UDP, this object has to be 'noOperator(1)' and cannot be changed while this row is active, i.e., the va ...
caqIpAceDestPort: The destination port number of the TCP or UDP protocol. If the caqIpAceDestPortOp object in the same row is range(6), this object will be the starting port number of the port range. This object cannot be configured if caqIpAceStatus in the same row is act ...
caqIpAceDestPortRange: The destination port number of the TCP or UDP protocol. If the caqIpAceDestPortOp object in the same row is range(6), this object will be the ending port number of the port range. This object cannot be configured if caqIpAceStatus in the same row is activ ...
caqIpAceTosMatchCriteria: Indicates what field of Tos octet in the packet header to be matched. none(1) means that there is no need to match the ToS octet. matchDscp(2) means that the DSCP value of packet header need to be matched. If this value is specified, the caqIpAceDscp obje ...
caqIpAceIpPrec: Specifies the IP precedence value to be matched against. This object could not be configured when the status of the entry, caqIpAceStatus, is active(1). The value of this object is ignored whenever the value of caqIpAceTosMatchCritial object is not matchI ...
caqIpAceDscp: Specifies the Dscp value to be matched against. This object could not be configured when the status of the entry, caqIpAceStatus, is active(1). Packets can be matched the DSCP level from 0 to 63. The value of this object is ignored whenever the value of ...
caqIpAceProtocolMatchCriteria: Indicates what field in the packet header for ICMP or IGMP or TCP protocol or IPv4 ESP (Enscrypted Security Payload) to be matched. none(1) = no comparison is to be done for ICMP/IGMP/TCP/ESP. matchIgmpType(2) means that the Type field of IGMP protocol pa ...
caqIpAceIcmpType: Indicates the message type of ICMP packets. The type is a number from 0 to 255. The value of this object is ignored whenever the value of caqIpAceProtocolMatchCritial object is not matchIcmpType(3) or matchIcmpTypeAndCode(4).
caqIpAceIcmpCode: Indicates the message code of ICMP packets. The code is a number from 0 to 255. The value of this object is ignored whenever the value of caqIpAceProtocolMatchCritial object is not matchIcmpTypeAndCode(4).
caqIpAceIgmpType: Indicates the message type of IGMP packets. The code is a number from 0 to 15. The value of this object is ignored whenever the value of caqIpAceProtocolMatchCritial object is not matchIgmpType(2).
caqIpAceOrderPosition: The ordering position of this ACE in the ACL. If this entry is not in active(1) state, this object has value of 0.
caqIpAceBeforePosition: The object is to control the position of an ACE in the ACL. Indicates the order position of a new ACE before an active ACE which is already in the ACL. It means that the new ACE will replace the position of the ACE which the object specifies. For example, ...
caqIpAceStatus: The status of this IP ACE conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Especially, it c ...
caqIpAceSecurityId: Indicates the Security Association Identifier of IPv4 ESP packets. The value of this object is ignored whenever the value of caqIpAceProtocolMatchCritial object is not matchSecurityId(6).
caqIpAceSrcGroup: Indicates the source group name which the source IP address in the IP packet header belongs to. If this object is configured, the value of caqIpAceProtocolType object in the same row will have the value of 0.
caqIpAceDestGroup: Indicates the destination group name which the destination IP address in the IP packet header belongs to. If this object is configured, the value of caqIpAceProtocolType object in the same row will have the value of 0.
caqIpAceType: Indicates the ACE type.
caqIpxAceTable: This table contains a list of IPX ACEs. Each ACE consists of a filter specification and behavior associated with it which describes what action to carry out on packets which match. An ACL is defined as the set of ACEs of the same type (all QoS, or all Sec ...
caqIpxAceEntry: Each entry of caqIpxAceTable consists of a set of match creteria. For a IPX flow to match an entry, it has to match all the conditions specified in that entry.
caqIpxAceFeature: Indicates whether this entry is a Qos ACL or Security ACL. ACEs belongs to the same ACL should have the same value for this object.
caqIpxAclName: The name of an ACL. Within a feature (qos or security), this name is unique across all of the ACL tables that identifies the list to which the entry belongs in the device.
caqIpxAceIndex: The index of an IPX ACE within an ACL.
caqIpxAceMatchedAction: Indicates the action to be taken if a packet matches this ACE. If the value of this ACE's caqIpxAceFeature object is: 'qos(1)', then this object contains the index of an active row in caqQosActionSelectTable. If the value of this ACE's caqIpxAceFeature o ...
caqIpxAceSrcNet: Indicates the source network from which the packet is being sent. This is a 32-bits value that uniquely identifies network cable segment in IPX protocol. A network number of 0xFFFFFFFF matches all networks.
caqIpxAceDestMatchCriteria: Indicate which matches to be checked for the destination network of the flow. matchProtocol(0) means that the flow protocol will be matched against the value specified by caqIpxAceProtocolType object in the same row. matchIpxDestNet(1) means that the flo ...
caqIpxAceProtocolType: The protocol number field in the IPX header used to indicate the higher layer protocol. It can be any, ncp, netbios, rip, sap or an integer between 0 to 255.
caqIpxAceDestNet: Number of the destination network to which the packet is being sent. This is a 32-bit value that uniquely identifies the IPX network cable segment in IPX protocol. A network number of 0xFFFFFFFF matches all networks. The value of this object is ignored w ...
caqIpxAceDestNode: Node on the destination network to which the packet is being sent. This is a 48 bits value. The value of this object is ignored whenever the matchIpxDestNode(2) and matchIpxDestNodeMask(4) bits of caqIpxAceDestMatchCriteria object are not on.
caqIpxAceDestNetMask: Mask to be applied to the destination net. This is an 32-bit value that has the same format as destination net. The value of this object is ignored whenever the matchIpxDestNetMask(3) bit of caqIpxAceDestMatchCriteria object is not on.
caqIpxAceDestNodeMask: Mask to be applied to the destination node. This is a 48-bit value. The value of this object is ignored whenever the matchIpxDestNodeMask(4) bit of caqIpxAceDestMatchCriteria object is not on.
caqIpxAceOrderPosition: The ordering position of this ACE in the ACL. If this entry is not in active(1) state, this object has value of 0.
caqIpxAceBeforePosition: The object is to control the position of an ACE in the ACL. Specifies the order position of a new ACE before an active ACE which is already in the ACL. It means that the new ACE will replace the position of the ACE which the object specifies. For example, ...
caqIpxAceStatus: The status of this IPX ACE conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Especially, it ...
caqMacAceTable: This table contains a list of MAC ACEs. Each ACE consists of a filter specification and behavior associated with it which describes what action to carry out on packets which match. An ACL is defined as the set of ACEs of the same type (all QoS, or all Sec ...
caqMacAceEntry: Each entry of caqMacAceTable consist of a set of match criteria. For a layer 2 flow to match an entry, it has to match all the conditions specified in that entry.
caqMacAceFeature: Indicates whether this entry is a Qos ACL or Security ACL.
caqMacAclName: The name of an ACL. Within a feature (qos or security), this name is unique across all the ACL tables that identifies the list to which the entry belongs in the device.
caqMacAceIndex: The index of an Mac ACE within an ACL.
caqMacAceMatchedAction: Indicates the action to be taken if a packet matches this ACE. If the value of this ACE's caqMacAceFeature object is: 'qos(1)', then this object contains the index of an active row in caqQosActionSelectTable. If the value of this ACE's caqMacAceFeature o ...
caqMacAceSrcMac: Indicates the 48 bits source MAC address. The packet's source address is AND-ed with the value of caqMacAceSrcMacMask and then compared against the value of this object. If this object value is 00-00-00-00-00-00, and the value of caqMacAceSrcMacMask objec ...
caqMacAceSrcMacMask: Indicates the 48 bit source MAC address mask.
caqMacAceDestMac: Indicates the 48 bits destination MAC address. The packet's destination address is AND-ed with the value of caqMacAceDestMacMask and then compared against the value of this object. If this object value is 00-00-00-00-00-00, and the value of caqMacAceDest ...
caqMacAceDestMacMask: Indicates the 48 bit destination MAC address mask.
caqMacAceEthertype: This 16-bit hexadecimal number indicates the matched Ethernet type. 0x0000 means any Ethernet type will be matched.
caqMacAceOrderPosition: The ordering position of this ACE in the ACL. If this entry is not in active(1) state, this object has value of 0.
caqMacAceBeforePosition: The object is to control the position of an ACE in the ACL. Specifies the order position of a new ACE before a ACE which is already in the ACL. It means that the new ACE will replace the position of the ACE which the object specifies. For example, if ther ...
caqMacAceStatus: The status of this MAC ACE conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Especially, it ...
caqMacAceMatchCriteria: Indicates which field in the packet header to be matched. matchCos(0) means that the packet Cos value will be matched against the value specified by caqMacAceCos object in the same row. matchVlan(1) means that the packet VLAN value will be matched against ...
caqMacAceCos: Indicates the packet Cos value to be matched. The value of this object is ignored whenever the matchCos(0) bit of caqMacAceMatchCriteria object is not on.
caqMacAceVlan: Indicates the packet VLAN number to be matched. The value of this object is ignored whenever the matchVlan(1) bit of caqMacAceMatchCriteria object is not on.
caqFlowPolicingCpb: Indicates the flow policing capability of the device. microFlow(0) indicates that microflow can be policed. aggregate(1) indicates that aggregate flow can be policed.
caqQosActionSelectTable: This table describes the actions of ACEs. Once an ACE is matched, it follows its MatchedAction object to an entry of this table to get an action for the matching ACE. An action includes policer information as well as an DSCP associated with trust state i ...
caqQosActionSelectEntry: An entry of an ACE action. It links to the entries of caqFlowPolicerTable with caqQosActionSelectMicroflow, caqQosActionSelectAggregate objects.
caqQosActionSelectIndex: The index of this table for indicating an ACE Action for QoS.
caqQosActionSelectTrust: Determines if the packets matching the ACE should be trusted or if a specific DSCP should be assigned to it. If trustCos(2) is specified, the final DSCP value should refer to caqCosToDscpDscp object in caqCosToDscpTable to transfer layer 2 CoS value to DS ...
caqQosActionSelectDscp: This object is only instantiated when the caqQosActionSelectTrust object in the same entry has been set to noTrust(1).
caqQosActionSelectMicroflow: Indicates a policer name. The value of this object either matches the value of caqFlowPolicerName object of an active entry in caqFlowPolicerTable or has an empty string value. The ACE uses this object to link to a policer flow entry. If there is no micr ...
caqQosActionSelectAggregate: Indicates a policer name. The value of this object either matches the value of caqFlowPolicerName object of an active entry in caqFlowPolicerTable or has an empty string value. The ACE uses this object to link to a policer flow entry. If there is no aggre ...
caqQosActionSelectStatus: The status of this Qos Action Select conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Once ...
caqFlowPolicerExcessRateSupport: Indicates whether the device supports excess rate configuration.
caqFlowPolicerTable: This table defines the flow policing rules. A flow policing rule comprises a rate, burst size and drop-or-mark indication.
caqFlowPolicerEntry: The attributes defining a flow policing rule.
caqFlowPolicerName: The name of a policer. This name has to be unique to identify a microflow or an aggregate policer in the device.
caqFlowPolicerType: The type of this policer.
caqFlowPolicerNormalRateRequest: The requested average rate of the flow. The base unit of this object is 1 kilo-bits per second. 0 may be specified for a rate which causes all packets to be out-of-profile. Out-of-profile indicates that a packet causes the committed access rate of the p ...
caqFlowPolicerNormalRateGrant: The granted average rate of the flow. The base unit of this object is 1 kilo-bits per second. If the status of this row is not active, the value of this object will be the same as caqFlowPolicerNormalRateRequest's value. If the QoS function is enabled an ...
caqFlowPolicerNormalRateAction: The action for those normal rate out-of-profile packets. The action is to drop the packets or mark down its DSCP to the value of caqDscpMappingNRPolicedDscp defined in caqDscpMappingTable. If the caqFlowPolicerExcessRateSupport is true(1), this object can ...
caqFlowPolicerExcessRateRequest: The requested excess rate of the flow. The base unit of this object is 1 kilo-bits per second. 0 may be specified for a rate which causes all packets to be out-of-profile. Out-of-profile indicates that a packet causes the committed access rate of the pa ...
caqFlowPolicerExcessRateGrant: The granted excess rate of the flow. The base unit of this object is 1 kilo-bits per second. If the status of this row is not active, the value of this object will be the same as caqFlowPolicerExcessRateRequest's value. If the QoS function is enabled and ...
caqFlowPolicerExcessRateAction: The action for those excess rate out-of-profile packets. The action is to drop the packets or mark down its DSCP value to value of caqDscpMappingERPolicedDscp defined in caqDscpMappingTable. If the caqFlowPolicerExcessRateSupport is false(2), this object ...
caqFlowPolicerBurstSizeRequest: The requested burst rate of the flow. The base unit of this object is 1 kilo-bits.
caqFlowPolicerBurstSizeGrant: The granted burst rate of the flow. The base unit of this object is 1 kilo-bits. If the status of this row is not active, the value of this object will be the same as caqFlowPolicerBurstSizeRequest's value. If the QoS function is enabled and the policy so ...
caqFlowPolicerStatus: The status of this flow policer conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Once a row ...
caqFlowPolicerExcessBurstRequest: The requested excess burst size of the flow. If the caqFlowPolicerExcessBurstSupport is false(2), this object cannot be instantiated.
caqFlowPolicerExcessBurstGrant: The granted excess burst size of the flow. If the status of this row is not active, the value of this object will be the same as caqFlowPolicerExcessBurstRequest's value. If the QoS function is enabled and the policy source is from local configuration, th ...
caqSecurityActionTable: This table describes the actions of Security ACEs. Once an ACE is matched and it can go through an entry of this table to find the Security action.
caqSecurityActionEntry: An entry of a Security ACE action. It provides the action for for the traffic matching Security ACEs.
caqSecurityActionIndex: The index of this table for indicating a Security ACE action entry.
caqSecurityAction: Determines the action that the device will take if the traffic matches the ACE. If permit(1) is specified, the matched traffic will be allowed through the device. If deny(2) is specified, the matched traffic will be blocked and dropped. If redirect(3) is ...
caqSecurityRedirectPortList: Indicates the set of physical port(s) that matched traffic is redirected to. Each octet within the value of this object specifies a set of eight ports, with the first octet specifying ports 1 through 8, the second octet specifying ports 9 through 16, etc. ...
caqSecurityCapture: Indicates whether the matched traffic is to be captured. Capture means the packet is not only switched normally but also a copy of the switched packet is transmitted on the capture port(s). Traffic which is dropped cannot be captured; only traffic that is ...
caqSecurityActionStatus: The status of this Security ACE action conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have appropriate value. If the ...
caqSecurityAdjIndex: Indicates the index of an active adjacency entry in caqAdjacencyTable. The value of this object is ignored whenever the value of caqSecurityAction object in the same row is not redirectWithAdj(4).
caqSecurityArpMacAddress: Indicates the 48 bits Mac address used in ARP packet. The value of this object is ignored whenever the value of caqSecurityAction object in the same row is not one of the following values denyArpInspection(6), denyArpInspWithLog(7) and permitArpInspection ...
caqSecurityRedirect2kPortList: Indicates the set of physical port(s) that matched traffic is redirected to. Each octet within the value of this object specifies a set of eight ports, with the first octet specifying ports 1 through 8, the second octet specifying ports 9 through 16, etc. ...
caqSecurityDownloadedAceFeature: Indicates the feature type of the downloaded ACE. 'notApplicable' indicates that this security action entry is not applied to any downloaded ACE. 'dot1x' indicates that this security action entry is applied to downloaded ACE for 802.1x feature. 'macAuth' ...
caqSecurityAclCaptureIfTable: This table contains all the physical ports which are capable of being capture interfaces on which captured packets are output.
caqSecurityAclCaptureIfEntry: The index of this table is the ifIndex value of a physical port which is capable of being a capture interface on which captured packets are output.
caqSecurityAclCaptureEnable: An interface can be a destination of captured traffic which matched any Security ACL. This object is to specify whether to enable or disable this interface as a destination of captured traffic.
caqFlowPolicerExcessBurstSupport: Indicates whether the device supports excess burst size configuration.
caqSecurityRateLimitFeatures: Indicates the features which implement rate limit on their traffic flows using the rate limit value denoted by caqSecurityAclRateLimit object. This rate limit value is shared among all features denoted by this object.
caqSecurityAclRateLimit: Indicates the maximum rate of all traffic flows subjected to rate limiting imposed by all features denoted by caqSecurityRateLimitFeatures object.
caqQosDefaultActionTable: This table contains the QoS default action taken by the device for traffic which is not matched by a specific QoS ACE.
caqQosDefaultActionEntry: The entries in this table are corresponding to the type of traffic as well as its direction and contain the default DSCP value, trust state and policers information. The number of entry in this table depends on what type of traffic supported by the device ...
caqQosTrafficDirection: Indicates whether this row's parameters are to be applied for ingress or for egress traffic.
caqQosTrafficType: Indicates whether this row's parameters are to be applied for Ethernet, IP or IPX traffic.
caqQosDefaultTrustState: Indicates the default assigned trust state. If trustCos(2) is specified, the default DSCP value of an unmatched packet should refer to caqCosToDscpDscp object in caqCosToDscpTable to transfer layer 2 CoS value to DSCP value. If trustIpPrec(3) is specified ...
caqQosDefaultDscp: This object is only instantiated when the caqQosDefaultTrust object in the same entry has been set to noTrust(1).
caqQosDefaultMicroflow: Indicates a microflow policer name. The value of this object either matches the value of caqFlowPolicerName object of an active entry in caqFlowPolicerTable or has an empty string value. If there is no default microflow policer defined for unmatched traff ...
caqQosDefaultAggregate: Indicates an aggregate policer name. The value of this object either matches the value of caqFlowPolicerName object of an active entry in caqFlowPolicerTable or has an empty string value. If there is no default aggregate policer defined for unmatched traf ...
caqAclFeatureCpb: Indicates the set of features that the device supports related to ACLs configured in the device. vlanAclHitCount(0) indicates that the device supports ACL hit count feature for ACLs attached to VLAN interfaces. portAclHitCount(1) indicates that the device ...
caqL3PacketsDropByPolicer: Indicates the number of Layer 3 packets dropped due to policing.
caqTosChangedIpPackets: Indicates the number of IP packets have the Tos value changed.
caqCosChangedIpPackets: Indicates the number of IP packets have the Cos value changed.
caqCosChangedNonIpPackets: Indicates the number of non IP packets have the Cos value changed.
caqPortStatsTable: A table containing QoS statistics counters per physical interface.
caqPortStatsEntry: An entry contains QoS statistics maintained by the switching engine.
caqPortStatsDirection: Indicates traffic direction of an physical interface.
caqPortStatsQueueNumber: Indicates the queue number of the interface for which statistics are collected. For example : if the port type of this interface is 1P2Q2T, this object can be 1, 2, 3.
caqPortStatsThresholdNumber: Indicates the threshold number of a queue on the interface for which statistics are collected. For example : if the port type of this interface is 1P2Q2T, this object can be 1, 2.
caqPortStatsDropPkts: The number of packets have been received then dropped from the interface because they exceeded the threshold value configured at this queue and threshold of this interface.
caqPortStatsDropPktsAveRate: The five minute linearly-decayed moving average of packets have been received then dropped from the interface because they exceeded the threshold value configured at this queue and threshold of this interface.
caqPortStatsDropPktsPeakRate: The peak rate of packets have been received then dropped from the interface because they exceeded the threshold value configured at this queue and threshold of this interface over the past five minutes.
caqFlowStatsTable: A table containing QoS statistics counter per flow.
caqFlowStatsEntry: An entry contains the number of out of profile packet per flow maintained by the switching engine.
caqFlowStatsOutOfProfilePackets: Indicates the number of out-of-profile packets in this flow.
caqAggPolicerStatsTable: A table containing QoS statistics counter per aggregate policer.
caqAggPolicerStatsEntry: An entry contains the number of packet policed and the number of out of profile packets per aggregate policer.
caqAggPolicerName: The name of a policer. This name has to be unique to identify an aggregate policer in the device.
caqAggPolicerPackets: Indicates the number of packets is policed by this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerNRExceedPackets: Indicates the number of packets exceeded the normal rate of this aggregate policer. This object in only instantiated if such info is available in the device.
caqAggPolicerERExceedPackets: Indicates the number of packets exceeded the excess rate of this policer. This object is only instantiated if such info is available in the device and if excess rate is supported by the device as indicated by caqFlowPolicerExcessRateSupport object.
caqAggPolicerOctets: Indicates the number of octets is policed by this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerNRExceedOctets: Indicates the number of octets exceeded the normal rate of this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerERExceedOctets: Indicates the number of octets exceeded the excess rate of this policer. This object is only instantiated if such info is available in the device and if excess rate is supported by the device as indicated by caqFlowPolicerExcessRateSupport object.
caqAggPolicerOctetsRate: Indicates five minute linearly-decayed moving average of octets policed by this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerNRExceedOctetsRate: Indicates five minute linearly-decayed moving average of octets exceeded the normal rate of this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerERExceedOctetsRate: Indicates five minute linearly-decayed moving average of octets exceeded the excess rate of this policer. This object is only instantiated if such info is available in the device and if excess rate is supported by the device as indicated by caqFlowPolicer ...
caqAggPolicerOctetsPeakRate: Indicates peak rate of octets is policed by this aggregate policer over the past five minute. This object is only instantiated if such info is available in the device.
caqAggPolicerPacketsRate: Indicates five minute linearly-decayed moving average of packets policed by this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerNRExceedPacketsRate: Indicates five minute linearly-decayed moving average of packets exceeded the normal rate of this aggregate policer. This object is only instantiated if such info is available in the device.
caqAggPolicerERExceedPacketsRate: Indicates five minute linearly-decayed moving average of packets exceeded the excess rate of this policer. This object is only instantiated if such info is available in the device and if excess rate is supported by the device as indicated by caqFlowPolice ...
caqAggPolicerPacketsPeakRate: Indicates peak rate of packets is policed by this aggregate policer over the past five minutes. This object is only instantiated if such info is available in the device.
caqL3PacketsDropByPolicerAveRate: Indicates five minute linearly-decayed moving average of Layer 3 packets dropped due to policing.
caqL3PacketsDropByPolicerPeakRate: Indicates the peak rate of Layer 3 packets dropped due to policing over the past five minutes.
caqTosChangedIpPacketsAveRate: Indicates five minute linearly-decayed moving average of IP packets have the Tos value change.
caqTosChangedIpPacketsPeakRate: Indicates the peak rate of IP packets have the Tos value change over the past five minute.
caqCosChangedIpPacketsAveRate: Indicates five minute linearly-decayed moving average of IP packets have the Cos value change.
caqCosChangedIpPacketsPeakRate: Indicates the peak rate of IP packets have the Cos value change over the past five minutes.
caqCosChangedNonIpPacketsAveRate: Indicates five minute linearly-decayed moving average of non IP packets have the Cos value change.
caqCosChangedNonIpPacketPeakRate: Indicates the peak rate of non IP packets have the Cos value change over the past five minutes.
caqBridgedPolicerTable: This table provides configuration information for each (existing) VLAN on whether or not bridged packets are policed at the microflow level on that VLAN. This configuration is useful in situations in which there are insufficient resources to police bridge ...
caqBridgedPolicerEntry: A conceptual row in the caqBridgedPolicerTable to control if bridged packets are policed at microflow level on a particular VLAN.
caqBridgedFlowVlanIndex: The VLAN-id of this VLAN.
caqBridgedFlowEnabled: Enable or Disable this function. If this objects is set to true, the bridged packets will be policed at microflow level. If it is set to false, bridged packets won't be policed at microflow level. This value has no effect on aggregate policing. The defaul ...
caqCosMacVlanRouterTable: This table is used either to assign a Cos value to frames on a specific VLAN and which have a specific destination MAC address and/or to indicate if the configured destination MAC address is of a router. This table is applied only for platform that suppor ...
caqCosMacVlanRouterEntry: The Cos value to be assigned to frames on a specific VLAN and which have a specific destination MAC address and/or the configured destination MAC address is of a router.
caqCosMacAddress: Indicates the destination MAC address to match against the flow.
caqCosVlanNumber: Indicates the VLAN number.
caqMacAddressCpb: Indicates the capability of the destination MAC address denoted by caqCosMacAddress object in the same row. routerMac(0) means that it is a router Mac address. cosVlanMac(1) means that a Cos value is assigned to frames on a specific VLAN and which has thi ...
caqCosValue: Indicates the Cos value. This object is only instantiated if the cosVlanMac bit in caqMacAddressCpb object is turned on.
caqCosMacVlanRouterStatus: The status of this conceptual row entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Once a row becomes acti ...
caqPbfStatus: Indicates the status of policy-based forwarding (PBF) engine. macAddrOk(1) indicates that the MAC address of the PBF engine is set successfully and PBF engine is operational. macAddrNotSet(2) indicates that the MAC address of the PBF engine is not set and ...
caqPbfMacAddress: Indicates the PBF engine MAC address. When the value of caqPbfStatus is msfcPresent(3), this object cannot be configured and its previously configured value is ignored.
caqAdjacencyTable: This table contains a list of adjacencies to use in policy-based forwarding (PBF). PBF is a feature that makes possible forwarding between two different VLANs without having a router.
caqAdjacencyEntry: An entry defines an adjacency. Each adjacency consists of a destination VLAN, source and destination MAC address as well as adjacency name and MTU configuration.
caqAdjIndex: Indicates the index of this adjacency.
caqAdjDstVlanNumber: Indicates the destination VLAN number of this adjacency.
caqAdjDstMacAddress: Indicates the adjacency destination MAC address.
caqAdjSrcMacAddress: Indicates the adjacency source MAC address. If this object is not configured, it will contain the MAC address of the PBF engine which is denoted by caqPbfMacAddress object.
caqAdjName: Indicates the adjacency name. The adjacency name should be unique among all entries in this table.
caqAdjMtu: Indicates the adjacency MTU.
caqAdjHitCount: Indicates the number of packets that have matched this adjacency's criteria. The value of this object is cleared when this row is derefenced by entries in caqSecurityActionTable.
caqAdjStatus: Indicates the status of this adjacency conceptual entry. This object is used to manage creation, deletion and modification of rows in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value. Once a ...
caqAclLogMaxFlow: Indicates the maximum number of traffic flow will be logged by the device.
caqAclSecurityLoggingRateLimit: Indicates the redirect rate of traffic flow subjected to security ACL logging.
caqAclRouterAclRateLimit: Indicates the redirect rate of traffic flow subjected to router ACL logging.
caqIpFlowLoggingTable: This table contains a list of IP flows that describes the IP traffic denied and logged by the device.
caqIpFlowLoggingEntry: An entry describes an IP flow, consisting of a set of data such as source and destination address, source and destination port as well as protocol specific information. To keep the table from overflow, each entry contains a TTL (Time to Live) object. An e ...
caqIpFlowLoggingIndex: The index of this table for indicating a logged IP flow.
caqIpFlowVlan: Indicates the VLAN number which this logged IP flow belongs.
caqIpFlowIfIndex: Indicates the ifIndex of the interface where this logged IP flow arrived.
caqIpFlowProtocolType: The protocol number field in the IP header of this logged IP flow as specified in RFC 1700.
caqIpFlowAddrType: Indicates the address type for addresses specified in caqIpFlowSrcIp and caqIpFlowDestIp of this logged IP flow.
caqIpFlowSrcIp: Indicates the source address of this logged IP flow.
caqIpFlowSrcPort: Indicates the source port number of this logged IP flow when its protocol field is TCP or UDP. The value of this object is -1 if the flow is not UDP or TCP traffic.
caqIpFlowDestIp: Indicates the destination address of this logged IP flow.
caqIpFlowDestPort: Indicates the destination port number of this logged IP flow when its protocol field is TCP or UDP. The value of this object is -1 if the flow is not UDP or TCP traffic.
caqIpFlowIcmpType: Indicates the message type of ICMP packets. The value of this object is -1 if the flow is not ICMP traffic.
caqIpFlowIcmpCode: Indicates the message code of ICMP packets. The value of this object is -1 if the flow is not ICMP traffic.
caqIpFlowIgmpType: Indicates the message type of IGMP packets. The value of this object is -1 if the flow is not IGMP traffic.
caqIpFlowArpOpcode: Indicates the ARP opcode value of this ARP flow. If the value of this object is notApplicable(1), this flow is not ARP traffic. If the value of this object is request(2), this flow is ARP request traffic. If the value of this object is reply(3), this flow ...
caqIpFlowArpSrcMacAddr: Indicates the Ethernet Source Address value of this ARP flow. This object is ignored if the flow is not ARP traffic.
caqIpFlowArpHeaderSrcMacAddr: Indicates the Ethernet Source Address value included in the ARP header of this ARP flow. This object is ignored if the flow is not ARP traffic.
caqIpFlowPacketsCount: Indicates the number of packets that belong to this IP flow.
caqIpFlowLoggingTTL: Indicates the TTL (Time to Live) of this entry. The entry is removed when its value of this object reaches 0.
caqIpFlowArpLoggingSource: Indicates the source that triggered the logging of this ARP flow. This object value is 'notApplicable' if the flow is not ARP traffic. 'dai' indicates the logging source is Dynamic Arp Inspection feature. 'acl' indicates the logging source is a configured ...
caqIpFlowArpAclName: Indicates the security ACL name which triggered the logging of this ARP flow. This object is ignored if the value of caqIpFlowArpLoggingSource object in the same row is not 'acl'.
caqIpFlowArpAceNumber: Indicates the ACE number within the ACL denoted by caqIpFlowArpAclName object which triggered the logging of this ARP flow. This object is ignored if the value of caqIpFlowArpLoggingSource object in the same row is not 'acl'.
caqAclArpInspMatchMac: Indicates whether for ARP packets MAC address matching of ethernet header and the source MAC address specified in ARP header is enabled. It also indicates the action taken when the addresses do not match. If this object value is disable(1), the device wil ...
caqAclArpInspAddrValidation: Indicates whether for ARP packets checking for valid source MAC and source IP address specified in ARP header is enabled. It also indicates the action taken when the addresses are not valid. If this object value is disable(1), the device will not check fo ...
caqArpInspGlobalForwardedPkts: Indicates the total number of packets subjected to ARP Inspection is forwarded.
caqArpInspGlobalDroppedPkts: Indicates the total number of packets subjected to ARP Inspection is dropped.
caqRARPForwardedPkts: Indicates the total number of packets subjected to Reverse ARP (RARP) Inspection is forwarded.
caqMatchedMacFailedPkts: Indicates the total number of packets subjected to ARP Inspection whose MAC address specified in the ethernet header and the source MAC address specified in ARP header does not match.
caqAddrValidationFailedPkts: Indicates the total number of ARP packets that have invalid source MAC address or invalid source IP address specified in the ARP header.
caqArpInspIpDroppedPkts: Indicates the total number of IP packets dropped by ARP Inspection because of invalid IP address.
caqArpInspStatsTable: A table containing ARP Inspection statistics counter per ACL.
caqArpInspStatsEntry: An entry contains the numbers of packet permitted or denied per ACL.
caqArpInspAclName: The name of an ACL that contains ACE used for ARP Inspection.
caqArpInspForwardedPackets: Indicates the number of packets subjected to ARP Inspection is forwarded by this ACL.
caqArpInspDroppedPackets: Indicates the number of packets subjected to ARP Inspection is dropped by this ACL.
caqIfArpInspConfigTable: This table contains the configuration of several threshold values related to ARP Inspection at each physical interface.
caqIfArpInspConfigEntry: Each entry contains the configuration for drop threshold and shutdown threshold for ARP Inspection at each physical interface that supports this feature. Some of the interfaces (but not limited to) for which this feature might be applicable are: ifType = ...
caqIfArpInspDropThreshold: Indicates the drop threshold value where excess packets of a traffic flow subjected to ARP Inspection will be dropped if its rate is greater than this threshold value. If the value of this object is 0, no rate limit is applied for dropping ARP traffic at ...
caqIfArpInspShutdownThreshold: Indicates the threshold value where the interface will be shutdown if traffic rate subjected to ARP Inspection is greater than this threshold value. If the value of this object is 0, no ARP traffic rate limit is applied for shutting down the interface.
caqAclHitCountVlansLow: A string of octets containing one bit per VLAN for VLANs with VlanIndex value of 0 to 2047. The first octet corresponds to VLANs with VlanIndex values of 0 through 7; the second octet to VLANs 8 through 15; etc. The most significant bit of each octet cor ...
caqAclHitCountVlansHigh: A string of octets containing one bit per VLAN for VLANs with VlanIndex value of 2048 to 4095. The first octet corresponds to VLANs with VlanIndex values of 2048 through 2055; the second octet to VLANs 2056 through 2063; etc. The most significant bit of ...
caqAclHitCountPortList: Indicates the set of physical port(s), in bridge port number, where ACL hit count feature is enabled. For each port, if ACL hit count feature is enabled then the bit corresponding to that port is set to '1'. This object is only instantiated when the portA ...
caqAclHitCountTable: This table provides the hit count configuration on ACLs which support this feature.
caqAclHitCountEntry: An entry indicates whether the hit count feature is enabled on a particular ACL as well as its statistic collection mode.
caqAclHitCountAclType: Indicates the type of ACL. ipSecurity(1) indicates that this ACL is an IP Security ACL. ipxSecurity(2) indicates that this ACL is an IPX Security ACL. macSecurity(3) indicates that this ACL is a MAC Security ACL.
caqAclHitCountAclName: Indicates the ACL name which should exist in the ACL tables e.g. in caqIpAceTable. This ACL must be matching the type specified in caqAclHitCountAclType in the same row.
caqAclHitCountEnable: Indicates whether this ACL hit count is enabled.
caqAceHitCountTable: This table provides the hit count configuration on ACEs which support this feature.
caqAceHitCountEntry: An entry indicates whether the hit count feature is enabled on a particular ACE as well as its hit count statistic.
caqAceHitCountAclType: Indicates the type of ACL. ipSecurity(1) indicates that this ACL is an IP Security ACL. ipxSecurity(2) indicates that this ACL is an IPX Security ACL. macSecurity(3) indicates that this ACL is a MAC Security ACL.
caqAceHitCountAclName: Indicates the ACL name which should exist in the ACL tables e.g. in caqIpAceTable. This ACL must be matching the type specified in caqAceHitCountAclType in the same row.
caqAceHitCountAceIndex: The index of an ACE within an ACL.
caqAceHitCountEnable: Indicates whether this ACE hit count is enabled.
caqAceIngressHitCount: Indicates number of hit count for this ACE for ingress traffic.
caqAceEgressHitCount: Indicates number of hit count for this ACE for egress traffic.
caqIfAclHitCountTable: This table provides the ACL hit count statistics at an interface. An interface can be a physical port if the bit portAclHitCount(1) is set in the object caqAclFeatureCpb or a VLAN if the bit vlanAclHitCount(0) is set in the object caqAclFeatureCpb.
caqIfAclHitCountEntry: Each entry indicates the number of hit count at each ACE belonged to an ACL which supports hit count collection at an interface where the ACL is attached.
caqIfAclHitCountAclType: Indicates the type of ACL. ipSecurity(1) indicates that this ACL is an IP Security ACL. ipxSecurity(2) indicates that this ACL is an IPX Security ACL. macSecurity(3) indicates that this ACL is a MAC Security ACL.
caqIfAclHitCountAclName: Indicates the ACL name which should exist in the ACL tables e.g. in caqIpAceTable. This ACL must be matching the type specified in caqIfAclHitCountAclType in the same row.
caqIfAclHitCountAceIndex: The index of an ACE within an ACL.
caqIfAclIngressHitCount: Indicates the number of hit count of this ACE for ingress traffic on this interface.
caqIfAclEgressHitCount: Indicates the number of hit count of this ACE for egress traffic on this interface.
caqDownloadAclInfoTable: This table provides the management information for downloaded ACLs.
caqDownloadAclInfoEntry: An entry is populated for each downloaded ACL in the device.
caqDownloadAclName: This object indicates the name of a downloaded ACL.
caqDownloadAclUserCount: This object indicates the number of users (i.e., authenticated hosts) who are using this downloaded ACL.
caqDownloadAclDownloadTime: This object indicates the time when this ACL is downloaded to the device.
caqIpDownloadAceTable: This table contains a list of downloaded IP ACEs for security purpose. Each ACE consists of a filter specification and behavior associated with it which describes what action to carry out on packets which match. An ACL is defined as the set of ACEs. Each ...
caqIpDownloadAceEntry: An entry defines an ACE, consisting of a set of match criteria. For a packet to match an entry, it has to match all the criteria specified in that entry.
caqIpDownloadAclName: The name of a downloaded IP ACL.
caqIpDownloadAceIndex: The index of an ACE within a downloaded ACL.
caqIpDownloadAceMatchedAction: Indicates the action to be taken if a packet matches this ACE. If 'permit' is specified, the matched packet will be allowed through the device. If 'deny' is specified, the matched packet will be blocked and dropped. If 'denyAndLog' is specified, the match ...
caqIpDownloadAceProtocolType: The protocol number field in the IP header used to indicate the higher layer protocol as specified in RFC 1700. A value value of 0 matches every IP packet. For example : 0 is IP, 1 is ICMP, 2 is IGMP, 4 is IP in IP encapsulation, 6 is TCP, 9 is IGRP, 17 i ...
caqIpDownloadAceAddrType: The type of IP address used by this ACE entry.
caqIpDownloadAceSrcIp: The specified source IP address. The packet's source address is AND-ed with the value of caqIpDownloadAceSrcIpMask and then compared against the value of this object. If this object value is 0.0.0.0, and the value of caqIpDownloadAceSrcIpMask object in th ...
caqIpDownloadAceSrcIpMask: The specified source IP address mask.
caqIpDownloadAceSrcPortOp: Indicates how a packet's source TCP/UDP port number is to be compared. 'noOperator', which is the default value, means that no comparison is to be made with the source TCP/UDP port number. 'lt' means less than, 'gt' means greater than, 'eq' means equal, ' ...
caqIpDownloadAceSrcPort: The source port number of the TCP or UDP protocol. If the caqIpDownloadAceSrcPortOp object in the same row is 'range', this object will be the starting port number of the port range.
caqIpDownloadAceSrcPortRange: The source port number of the TCP or UDP protocol. If the caqIpDownloadAceSrcPortOp object in the same row is 'range', this object will be the ending port number of the port range, otherwise the value of this object is ignored.
caqIpDownloadAceDestIp: The specified destination IP address. The packet's destination address is AND-ed with the value of caqIpDownloadAceDestIpMask and then compared against the value of this object. If this object value is 0.0.0.0 and the value of caqIpDownloadAceDestIpMask o ...
caqIpDownloadAceDestIpMask: The specified destination IP address mask.
caqIpDownloadAceDestPortOp: Indicates how a packet's destination TCP/UDP port number is to be compared. 'noOperator', which is the default value, means that no comparison is to be made with the destination TCP/UDP port number. 'lt' means less than. 'gt' means greater than. 'eq' mean ...
caqIpDownloadAceDestPort: The destination port number of the TCP or UDP protocol. If the caqIpDownloadAceDestPortOp object in the same row is 'range' this object will be the starting port number of the port range.
caqIpDownloadAceDestPortRange: The destination port number of the TCP or UDP protocol. If the caqIpDownloadAceDestPortOp object in the same row is 'range', this object will be the ending port number of the port range, otherwise this object value is ignored.
caqIpDownloadAceTosMatchCriteria: Indicates what field of Tos octet in the packet header to be matched. 'none' means that there is no need to match the ToS octet. 'matchDscp' means that the DSCP value of packet header need to be matched. If this value is specified, the caqIpDownloadAceDsc ...
caqIpDownloadAceIpPrec: Specifies the IP precedence value to be matched against. The value of this object is ignored whenever the value of caqIpDownloadAceTosMatchCritial object is not 'matchIpPrec'.
caqIpDownloadAceDscp: Specifies the Dscp value to be matched against. Packets can be matched to DSCP value from 0 to 63. The value of this object is ignored whenever the value of caqIpDownloadAceTosMatchCritial object is not 'matchDscp'.
caqIpDnldAcePrtocolMatchCriteria: Indicates what field in the packet header for ICMP or IGMP or TCP protocol to be matched. 'none' means no comparison is to be done for ICMP/TCP. 'matchIcmpType' means that the Type field of ICMP protocol packet header needs to be matched. If this value is ...
caqIpDownloadAceIcmpType: Indicates the message type of ICMP packets. The type is a number from 0 to 255. The value of this object is ignored whenever the value of caqIpDnldAcePrtocolMatchCriteria object is not 'matchIcmpType' or 'matchIcmpTypeAndCode'.
caqIpDownloadAceIcmpCode: Indicates the message code of ICMP packets. The code is a number from 0 to 255. The value of this object is ignored whenever the value of caqIpDnldAcePrtocolMatchCriteria object is not 'matchIcmpTypeAndCode'.
caqIfDownloadAclTable: This table provides the management information for physical interface where downloaded ACLs are applied.
caqIfDownloadAclEntry: An entry is populated for each interface that utilies downloaded ACLs in the device.
caqIfDownloadAclFeature: This object indicates the security feature running at this interface and trigger the download of this ACL. 'dot1x' indicates that the 802.1x feature is running at this interface and trigger the download of this ACL. 'eou' indicates that the Extensible Aut ...
caqIfDownloadAclAddressType: This object indicates the type of IP address of the host.
caqIfDownloadAclHostAddress: This object indicates IP address of the host connected to this interface. The type of this address is determined by the value of caqIfDownloadAclAddressType object.
caqIfIpPhoneMapTable: This table provides the management information for the mapping of IP Phone to interface that utilizes downloaded ACL.
caqIfIpPhoneMapEntry: An entry is populated for each interface that has an IP Phone connected to and utilizes downloaded ACL.
caqIfIpPhoneAddressType: This object indicates the type of IP address of the IP Phone connected to this interface.
caqIfIpPhoneHostAddress: This object indicates the IP address of the IP Phone. The type of this address is determined by the value of the caqIfIpPhoneAddressType object.
caqIfConfigGroup: A collection of objects providing the Qos configuration information at each physical interface on the device.
caqIfAclConfigGroup: A collection of objects providing the ACL information on the device.
caqAclCpbGroup: A collection of objects providing the ACL information on the device.
caqIpAceGroup: A collection of objects providing the IP ACE information.
caqIpxAceGroup: A collection of objects providing the IPX ACE information.
caqMacAceGroup: A collection of objects providing the MAC ACE information.
caqActionGroup: A collection of objects providing the ACE action information.
caqPolicingGroup: A collection of objects providing the microflow and aggregate flow configuration.
caqQosExcessRateGroup: A collection of objects providing Qos information on excess rate.
caqQosMappingGroup: A collection of objects providing Qos mapping information.
caqQueueAssignmentGroup: A collection of objects providing the queue assignment information.
caqQueueGroup: A collection of objects providing the queue information.
caqQosBridgedFlowPolicerGroup: A collection of objects providing the information on bridged packet policing.
caqQosMacVlanGroup: A collection of objects providing the classification information based on Mac address and vlan.
caqQosStatsGroup: A collection of objects providing the QoS statistics information.
caqSecurityGroup: A collection of objects providing the security information.
caqFlowPolicingCpbGroup: A collection of object providing the flow policing capability information.
caqQosStatsGroup2: A collection of objects providing the QoS statistics information per aggregate policer.
caqSecurityPBFGroup: A collection of objects providing the PBF configuration and statistics information.
caqQosExcessBurstGroup: A collection of objects providing Qos information on excess burst size.
caqIfTrustDeviceGroup: A collection of objects providing the trusted device configuration and operational state.
caqLoggingGroup: A collection of objects providing the security logging configuration and statistics.
caqArpInspGroup: A collection of objects providing the ARP Inspection configuration and statistics.
caqSecurityRateLimitGroup: A collection of objects providing the security acl feature rate limit configuration state.
caqDscpMutationGroup: A collection of objects providing the DSCP mutation configuration information.
caqQosDefaultActionGroup: A collection of objects providing the default Qos action configuration on the device.
caqIfAclConfigGroup2: A collection of object providing the additional ACL attachment configuration on the device.
caqIpEspGroup: A collection of object providing the Ip ESP traffic matching configuration on the device.
caqDscpRewriteGroup: A collection of object providing the configuration of DSCP rewrite feature on the device.
caqAggPolicerOctetStatsGroup: A collection of objects providing the QoS statistics information per aggregate policer in unit of octet.
caqSecurityGroup2: A collection of objects providing the security information.
caqIfSecurityAclConfigGroup: A collection of objects providing the security ACL information on the device.
caqIpAceExtGroup: A collection of objects providing the source and destination group information to configure IP ACL on the device.
caqAclHitCountGroup: A collection of objects providing the ACL hit count configuration and statistics on the device.
caqMacAceExtGroup: A collection of objects providing addtional matching criteria such as the VLAN, Cos information to configure MAC ACE on the device.
caqMacPktClassifyVlanGroup: A collection of objects providing the VLAN configuration for MAC packet classify feature on the device.
caqAclFeatureGroup: A collection of object providing what feature related to ACL that the device is capable of.
caqPortAclHitCountGroup: A collection of object providing the set of physical ports where ACL hit count feature is enabled.
caqVlanAclHitCountGroup: A collection of objects providing the set of VLANs where ACL hit count feature is enabled.
caqQosL3StatsRateGroup: A collection of objects providing the five minute linearly-decayed moving average QoS statistics for Layer 3 traffic.
caqQosL3StatsPeakGroup: A collection of objects providing the peak rate QoS statistics over past five minute period for Layer 3 traffic.
caqAggPolicerOctetsRateGroup: A collection of objects providing the five minute linearly-decayed octets moving average rate per aggregate policer.
caqAggPolicerPacketsRateGroup: A collection of objects providing the five minute linearly-decayed packets moving average rate per aggregate policer.
caqAggPolicerOctetsPeakGroup: A collection of objects providing the peak rate of octets over past five minute period per aggregate policer.
caqAggPolicerPacketsPeakGroup: A collection of objects providing the peak rate of packets over past five minute period per aggregate policer.
caqQosPortRateGroup: A collection of object providing the five minute linearly-decayed packets drop rate per interface.
caqQosPortPeakGroup: A collection of object providing the peak rate of packets over past five minute period per interface.
caqSecurityActionDnldAceGroup: A collection of object providing feature type of downloaded ACE.
caqSecurityDownloadAclInfoGroup: A collection of object providing downloaded ACL information.
caqSecurityDownloadIpAceGroup: A collection of object providing download IP ACE information.
caqIfDownloadAclMapGroup: A collection of object providing mapping information of downloaded ACL to capable interface.
caqIfIpPhoneMapGroup: A collection of object providing mapping information of IP phone to capable interface where downloaded ACL is utilized.
caqIpAceTypeGroup: A collection of object providing the type of an Ip ACE.
caqIpOperClassifierGroup: A collection of objects provides the operational mapping of IP ACLs to each applicable interface.
caqDownloadClassifierGroup: A collection of objects provides the mapping of ACLs to each applicable interface downloaded by security features.
caqArpLoggingSourceGroup: A collection of objects provides the logging source of ARP flow.

Download IPHost Network Monitor (500 monitors for 30 days, 50 monitors free forever) to start monitoring network devices right now.

MIBs list