CISCO-IP-URPF-MIB Download
Unicast Reverse Path Forwarding (URPF) is a function
that checks the validity of the source address of IP
packets received on an interface. This in an attempt
to prevent Denial of Service attacks based on IP address
spoofing.
URPF checks validity of a source address by determining
whether the packet would be successfully routed as a
destination address.
Based on configuration, the check made can be for existence
of any route for the address, or more strictly for a route
out the interface on which the packet was received by the
device. When a violating packet is detected, it can be dropped.
This MIB allows detection of spoofing events.
IPHost Network Monitor offer an easy way of SNMP monitoring your Cisco Servers, Routers, Switches, Bridges,
Firewalls, Repeaters.
OID list for CISCO-IP-URPF-MIB
- cipUrpfDropRateWindow
- The window of time in the recent past over which the drop count used in the drop rate computation is collected. This global value applies for the computation of all URPF rates, global and per-interface. Once the period over which computations have been pe ...
- cipUrpfComputeInterval
- The time between rate computations. This global value applies for the computation of all URPF rates, global and per-interface. When the value of cipUrpfComputeInterval is changed, the interval in-progress proceeds as though the value had not changed. The ...
- cipUrpfDropNotifyHoldDownTime
- The minimum time between issuance of cipUrpfIfDropRateNotify notifications for a particular interface and packet forwarding type. Notifications are generated for each interface and packet forwarding type that exceeds the drop-rate. When a Notify is sent b ...
- cipUrpfTable
- This table contains summary information for the managed device on URPF dropping.
- cipUrpfEntry
- If the managed device supports URPF dropping, a row exists for each IP version type (v4 and v6). A row contains summary information on URPF dropping over the entire managed device.
- cipUrpfIpVersion
- Specifies the version of IP forwarding on an interface to which the table row URPF counts, rates, and configuration apply.
- cipUrpfDrops
- Sum of dropped IP version cipUrpfIpVersion packets failing a URPF check. This value is the sum of drops of packets received on all interfaces of the managed device.
- cipUrpfDropRate
- The rate of packet drops of IP version cipUrpfIpVersion packets due to URPF for the managed device. The per-interface drop rate notification is issued on rates exceeding a limit (rising rate). This dropping may indicate an security attack on the network. ...
- cipUrpfIfMonTable
- This table contains information on URPF dropping on an interface.
- cipUrpfIfMonEntry
- If IPv4 packet forwarding is configured on an interface, and is configured to perform URPF checking, a row appears in this table with indices [ifIndex][ipv4]. If IPv4 packet forwarding is deconfigured, or URPF checking is deconfigured, the row disappears. ...
- cipUrpfIfIpVersion
- Specifies the version of IP forwarding on an interface to which the table row URPF counts, rates, and configuration apply.
- cipUrpfIfDrops
- The number of IP packets of version cipUrpfIfIpVersion failing the URPF check and dropped by the managed device on a particular interface. Discontinuities in the value of this variable can occur at re-initialization of the management system, and at other ...
- cipUrpfIfSuppressedDrops
- The number of IP packets of version cipUrpfIfIpVersion failing the URPF check but given a reprieve and not dropped by the managed device. Depending on the device configuration and capabilities, the following cases may cause incrementing of the counter: - ...
- cipUrpfIfDropRate
- The rate of packet drops of IP version cipUrpfIfIpVersion packets due to URPF on the interface. This object is the average rate of dropping over the most recent interval of time. The rate is computed by dividing the number of packets dropped over an inter ...
- cipUrpfIfDiscontinuityTime
- The value of sysUpTime on the most recent occasion at which this interface's counters suffered a discontinuity. If no such discontinuities have occurred since the last re-initialization of the local management subsystem, then this object contains a valu ...
- cipUrpfIfConfTable
- This table contains statistics information on URPF on an interface.
- cipUrpfIfConfEntry
- A row exists in this table if a row exists in cipUrpfIfMonTable.
- cipUrpfIfDropRateNotifyEnable
- This object specifies whether the system produces the cipUrpfIfDropRateNotify notification as a result of URPF dropping of version cipUrpfIfIpVersion IP packets on this interface. A false value prevents such notifications from being generated by this syst ...
- cipUrpfIfNotifyDropRateThreshold
- When the calculated rate of URPF packet drops (cipUrpfIfDropRate) meets or exceeds the value specified by this object, a cipUrpfIfDropRateNotify notification is sent if cipUrpfIfDropRateNotifyEnable is set to true, and no such notification for the IP vers ...
- cipUrpfIfNotifyDrHoldDownReset
- Setting this object to true causes the five-minute hold-down timer for emitting URPF drop rate notifications for IP version cipUrpfIfIpVersion on the interface to be short-circuited. If a notification is due and would be emitted for the interface if the ...
- cipUrpfIfCheckStrict
- Interface configuration indicating the strictness of the reachability check performed on the interface. - strict: check that source addr is reachable via the interface it came in on. - loose : check that source addr is reachable via some interface on the ...
- cipUrpfIfWhichRouteTableID
- Interface configuration indicating the routing table consulted for the reachability check: - default: the non-private routing table for of the managed system. - vrf : a particular VPN routing table.
- cipUrpfIfVrfName
- If the value of cipUrpfIfWhichRouteTableID is 'vrf', the name of the VRF Table. Otherwise a zero-length string.
- cipUrpfVrfTable
- This table enables indexing URPF drop statistics by Virtual Routing and Forwarding instances.
- cipUrpfVrfEntry
- An entry exists for a VRF if and only if the VRF is associated with an interface that is configured to perform IP URPF checking using the routing table for that VRF.
- cipUrpfVrfName
- This field is used to specify the VRF Table name.
- cipUrpfVrfIfTable
- This table contains statistics information for interfaces performing URPF using VRF table to determine reachability.
- cipUrpfVrfIfEntry
- An entry exists for a VRF and interface if and only if the VRF associated with the interface is configured to perform IP URPF checking using the routing table for the VRF.
- cipUrpfVrfIfDrops
- The number of packets failing the URPF check for a VRF on the interface and dropped by the managed device. Discontinuities in the value of this variable can occur at re-initialization of the management system, and at other times as indicated by the values ...
- cipUrpfVrfIfDiscontinuityTime
- The value of sysUpTime on the most recent occasion at which the URPF counters for this VRF on this interface suffered a discontinuity. If no such discontinuities have occurred since the last re-initialization of the local management subsystem, then this ...
- ciscoIpUrpfMIBMainObjectGroup
- The collection of common counter objects, those needed by other objects, and the common interface table.
- ciscoIpUrpfMIBVrfObjectGroup
- The collection of objects needed to index by VRF.
Download IPHost Network Monitor (500 monitors for 30 days, 50 monitors free forever) to start monitoring network devices right now.
