HUAWEI-ETHARP-MIB

S12700 and S12700E V200R019C10 MIB Reference

This document provides the function overview, relationships between tables, description of single objects, description of MIB tables, and description of alarm objects.

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

HUAWEI-ETHARP-MIB

Functions Overview
Relationship Between Tables
Description of Single Objects
Description of MIB Tables
Description of Alarm Objects
Unsupported Objects

Functions Overview

To protect users against attacks, the following measures are taken:

ARP entry restriction
Anti-ARP attack
Network segment scan

The HUAWEI-ETHARP-MIB has the following functions:

Configuring ARP entry restriction
Checking the entry restriction of each interface
Checking the ARP entry learned based on the interface or the interface + VLAN ID
Checking the number of ARP packets that are discarded because of the entry restriction or timestamp suppression
Setting the time suppression rate based on the slot number
Setting to learn only the Response packet replied to the sent Request packet
Setting to send the Trap message when the suppression rate is exceeded
Setting the interval for sending alarm logs

You can query and set parameters related to the ARP aging on the HUAWEI-ARP-MIB, and now only the ARP aging detection mode and the type of ARP aging detection packets are supported.

The following modules can be set through the NMS:

Timestamp suppression module

The NMS supports the configuration of logging ARP attack defense and the interval of Trap messages.
The NMS supports the configuration of strict ARP learning.
The NMS supports the configuration of timestamp suppression rate.

ARP entry restriction module

Each ARP entry restriction has the corresponding private MIB, through which the NMS can query the number of current entries.
ARP entry restriction can be set through the NMS.
The NMS can query ARP entries or the statistics of ARP entries through the MIB.

The OID of the root object is:

iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).huawei(2011).huaweiMgmt(5).hwDatacomm(25).hwEthernetARPMIB(123)

Relationship Between Tables

The tables of this MIB are mutually independent.

Description of Single Objects

hwEthernetARPAntiAttackLog

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.1	hwEthernetARPAntiAttackLog	Integer 32 ( 0..1200 )	Read-write	The value of this object identifies the configured ARP attack defense log and the configured interval of Trap messages. By default, the value is 0.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPLearningStrict

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.2	hwEthernetARPLearningStrict	Integer( enable ( 1 ), disable( 2 ) )	Read-write	The value of this object identifies whether strict ARP learning is enabled. By default, strict ARP learning is disabled.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitIfIndex

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.4	hwEthernetARPSpeedLimitIfIndex	INTEGER	Accessible-for-notify	This object Indicates an interface enabled with ARP-MISS or an interface receiving the ARP packets.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitConfigured

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.5	hwEthernetARPSpeedLimitConfigured	INTEGER (0..4294967295)	Accessible-for-notify	The value of this object identifies the timestamp suppression rate configured on the interface, through which the Trap message is sent.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitCurrent

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.6	hwEthernetARPSpeedLimitCurrent	INTEGER (0..4294967295)	Accessible-for-notify	The value of this object identifies the current timestamp suppression rate of the interface, through which the Trap message is sent.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitType

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.7	hwEthernetARPSpeedLimitType	OCTET STRING	Accessible-for-notify	This object indicates the timestamp suppression type that is used when the Trap message is sent.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitSrcIPAddr

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.8	hwEthernetARPSpeedLimitSrcIPAddr	OCTET STRING (SIZE (4))	Accessible-for-notify	This object indicates the source IP address of the attack that triggers a Trap message.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitDstIPAddr

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.9	hwEthernetARPSpeedLimitDstIPAddr	OCTET STRING (SIZE (4))	Accessible-for-notify	This object indicates the destination IP address of the attack that triggers a Trap message.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPSpeedLimitVPNinstance

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.10	hwEthernetARPSpeedLimitVPNinstance	OCTET STRING (SIZE (1..64))	Accessible-for-notify	This object indicates the name of the VPN instance through which the Trap message is sent.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPThresholdValue

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.26.1	hwEthernetARPThresholdValue	INTEGER (0..4294967295)	Accessible-for-notify	The alarm threshold.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPThresholdDynamicNumber

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.26.2	hwEthernetARPThresholdDynamicNumber	INTEGER (0..4294967295)	Accessible-for-notify	Indicates the number of dynamic ARP entries.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPThresholdStaticNumber

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.26.3	hwEthernetARPThresholdStaticNumber	INTEGER (0..4294967295)	Accessible-for-notify	Indicates the number of static ARP entries.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPConflictDetect

OID	Object Name	Syntax	Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.27	hwEthernetARPConflictDetect	INTEGER {ipv4full (0),ipv6full (1),ipv4mask (2),ipv6mask (3),dpi (4),tcp (5),ipv4comp (6),ipv6comp (7),ipv4dyn (8),ipv6dyn (9)}	read-write	Enable the function of IP address conflicts detection.	This object is implemented as defined in the corresponding MIB files.

Description of MIB Tables

hwEthernetARPSpeedLimitTable

The creation, deletion, or modification of the entries in this table, or access to the attributes of these entries can implement ARP timestamp suppression based on the slot number.

The indexes of this table are hwEthernetARPLimitSlot, hwEthernetARPLimitType, and hwEthernetARPLimitIPType.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.3.1.1	hwEthernetARPLimitSlot	Integer32( 0..15)	Not-accessible	The value of this object identifies the ID of the slot that is configured with the timestamp suppression rate.	Integer32( 0..15)
1.3.6.1.4.1.2011.5.25.123.1.3.1.2	hwEthernetARPLimitType	Enumeration ( arp ( 1 ), arpmiss ( 2 ) )	Not-accessible	The value of this object identifies the type of the packets configured with ARP timestamp suppression, such as ARP and ARP-Miss packets.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.3.1.3	hwEthernetARPLimitIPType	Integer32 ( sourceip ( 4 ), destinationip ( 8 ) )	Not-accessible	The value of this object identifies the type of IP addresses based on which ARP timestamp suppression is performed, such as the destination-based and source-based suppression.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.3.1.4	hwEthernetARPLimitSpeedValue	Unsigned32( 0..65536 )	Read-write	The value of this object identifies the configured timestamp suppression rate.	Unsigned32( 0..16384 )

Creation Restriction

No entry can be created in this table.

Modification Restriction

In the case of ARP-Miss, hwEthernetARPLimitIPType must be source-IP-based timestamp suppression.

Deletion Restriction

No entry can be deleted in this table.

Access Restriction

The entries in this table can be read without restraint.

hwEthernetARPStaticsTable

This table can query the statistics of ARP packets based on the slot number, mainly including the number of packets discarded for entry restriction or timestamp suppression.

The index of this table is hwEthernetARPStaticsSlot.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.11.1.1	hwEthernetARPStaticsSlot	Integer32(0..15) (65535, 65535)	Not-accessible	The value of this object identifies the slot ID of the specified statistics.	Integer32(0..15) (65535, 65535)
1.3.6.1.4.1.2011.5.25.123.1.11.1.2	hwEthernetARPStaticsLearnTotal	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of times of learning ARP entries. Note that the value does not identify the number of ARP entries.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.3	hwEthernetARPDropForLimit	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of ARP entries discarded because of entry restriction.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.4	hwEthernetARPDropForARPSuppress	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of ARP packets discarded because of timestamp suppression.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.5	hwEthernetARPDropForARPMissSuppress	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of ARP-Miss packets discarded because of timestamp suppression.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.6	hwEthernetARPDropForOther	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of ARP packets discarded for other reasons.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.7	hwEthernetARPMissDropForOther	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of ARP-Miss messages discarded because of other reasons.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.8	hwEthernetARPRcvNum	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of the received ARP packets.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.9	hwEthernetARPMissRcvNum	Counter32( 1..4294967294 )	Read-only	The value of this object identifies the number of the received ARP-Miss messages.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.10	hwEthernetARPStaticsOperation	Integer32( reset( 1 ), unused ( 2 ) )	Read-write	The value of this object identifies whether the function of resetting the number of ARP packets on each LPU is used.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.11.1.11	hwEthernetARPDropForARPProxySuppress	INTEGER (0..4294967295)	Read-only	The number of discarded packets caused by the ARP-PROXY suppress.	This object is implemented as defined in the corresponding MIB files.

Creation Restriction

No entry can be created in this table.

Modification Restriction

The entries in this table cannot be modified.

Deletion Restriction

The entries in this table cannot be deleted.

Access Restriction

In hwEthernetARPStatisticsTable, you can query the statistics of a specific slot (including the main control interface board) or all the boards. When the value of hwEthernetARPStaticsSlot is 65535, it indicates that the statistics of ARP packets on all the boards are taken. When the value of hwEthernetARPStaticsOperation is reset(1), it indicates that the statistics of a specific board or all the boards are reset.

hwEthARPLimitTable

The creation, deletion, or modification of the entries in this table, or access to the attributes of these entries can implement ARP entry restriction based on the Layer 3 interface index or Layer 2 interface index + VLAN ID.

The indexes of this table are hwEthARPLimitCfgIfindex, hwEthARPVLANFirst, and hwEthARPVLANLast.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.13.1.1	hwEthARPLimitCfgIfindex	INTEGER	Not-accessible	This object indicates the interface to be configured with entry restriction.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.13.1.2	hwEthARPVLANFirst	Integer32( 0..4094 )	Not-accessible	The value of this object identifies the first value of the VLAN ID range. The VLAN ID of a Layer 3 interface is 0.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.13.1.3	hwEthARPVLANLast	Integer32( 0..4094 )	Not-accessible	The value of this object identifies the second value of the VLAN ID range. The VLAN ID of a Layer 3 interface is 0.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.13.1.4	hwEthARPLimitNum	Integer32( 1..2147483647)	Read-create	The value of this object identifies the maximum number of ARP entries.	Integer32(1..16384)
1.3.6.1.4.1.2011.5.25.123.1.13.1.5	hwEthARPLimitRowStatus	INTEGER{active(1),notInService(2),notReady(3),createAndGo(4),createAndWait(5),destroy(6)}	Read-create	This object indicates the row status.	This object is implemented as defined in the corresponding MIB files.

Creation Restriction

Configure ARP entry restriction on the Layer 2 interface. The following is an example:

The VLANs from Vlan 1 to Vlan 5 of the Layer 2 interface are configured with ARP entry restriction. In addition, the VLANs from Vlan 3 to Vlan 8 of this Layer 2 interface need to be configured with ARP entry restriction.

You can only use active (1) to modify this entry because the VLANs from Vlan 3 to Vlan 5 of this Layer 2 interface are configured with ARP entry restriction.
You can only use createAndGo (4) to create this entry because the VLANs from Vlan 6 to Vlan 8 of this Layer 2 interface are not configured with ARP entry restriction.

If conflict occurs, choose createAndGo (4).

Modification Restriction

Configure ARP entry restriction on the Layer 2 interface. The following is an example:

The VLANs from Vlan 1 to Vlan 5 of the Layer 2 interface are configured with ARP entry restriction.

If the VLANs from Vlan 2 to Vlan 5 of this Layer 2 interface need to be configured with ARP entry restriction, you can only use active (1) to modify this entry.

Deletion Restriction

To keep this MIB the same as command lines, if the index is valid, that is, the interface exists, hwEthARPLimitTable can be successfully deleted regardless of whether the interface corresponding to this index is configured with ARP entry restriction.

If the VLANs from Vlan 1 to Vlan 5 of the Layer 2 interface are configured with ARP entry restriction, note the following:

On this MIB, ARP entry restriction configured on the VLANSs from Vlan 3 to Vlan 8, and from Vlan 3 to Vlan 5 of this Layer 2 interface can be successfully deleted.
On this MIB, ARP entry restriction configured on the VLANSs from Vlan 1 to Vlan 4 of this Layer 2 interface can be successfully deleted.

Access Restriction

When setting or querying the maximum number of ARP packets on a Layer 3 interface, fill in VLAN ID with 0.

When configuring a Layer 2 interface with ARP entry restriction, use a VLAN ID range to configure the other VLAN ID range. However, when querying the maximum number of ARP packets on a specified VLAN of a specified interface, ensure that the values of hwEthARPVLANFirst and hwEthARPVLANLast are the same and valid.

hwEthernetARPLearningStrictInterfaceTable

The creation, deletion, or modification of the entries in this table, or access to the attributes of these entries can forcibly enable or disable strict ARP learning based on the interface.

The index of this table is hwEthernetARPLearningStrictIfindex.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.14.1.1	hwEthernetARPLearningStrictIfindex	INTEGER	Not-accessible	This object indicates the index of the interface, on which strict ARP learning is forcibly enabled or disabled.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.14.1.2	hwEthernetARPLearningStrictState	Integer( forceenable ( 1 ), forcedisable( 2 ) )	Read-create	The values of this object are as follows: 1: indicates that strict ARP learning is forcibly enabled. 2: indicates that strict ARP learning is forcibly disabled.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.14.1.3	hwEthernetARPLearningStrictRowStatus	INTEGER{active(1),notInService(2),notReady(3),createAndGo(4),createAndWait(5),destroy(6)}	Read-create	This object indicates the row status.	This object is implemented as defined in the corresponding MIB files.

OID

Object Name

Syntax

Max Access

Description

Implemented Specifications

1.3.6.1.4.1.2011.5.25.123.1.14.1.1

hwEthernetARPLearningStrictIfindex

INTEGER

Not-accessible

This object indicates the index of the interface, on which strict ARP learning is forcibly enabled or disabled.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.25.123.1.14.1.2

hwEthernetARPLearningStrictState

Integer( forceenable ( 1 ), forcedisable( 2 ) )

Read-create

The values of this object are as follows:

1: indicates that strict ARP learning is forcibly enabled.

2: indicates that strict ARP learning is forcibly disabled.

This object is implemented as defined in the corresponding MIB files.

1.3.6.1.4.1.2011.5.25.123.1.14.1.3

hwEthernetARPLearningStrictRowStatus

INTEGER{active(1),notInService(2),notReady(3),createAndGo(4),createAndWait(5),destroy(6)}

Read-create

This object indicates the row status.

This object is implemented as defined in the corresponding MIB files.

Creation Restriction

The entries in this table can be created without restraint.

Modification Restriction

None

Deletion Restriction

None

Access Restriction

The entries in this table can be read without restraint.

hwArpEntryExpireControlTable

This table describes the configuration and query of ARP aging detection modes.

The index of this table is hwArpEntryExpireIfIndex.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.16.1.1	hwArpEntryExpireIfIndex	INTEGER	Not-accessible	This object indicates that the interface index of the parameters related to ARP aging detection is configured. The value 0 is invalid.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.16.1.2	hwArpEntryExpireDetectMode	Integer {broadcast(1), unicast(2)}	Read-write	ARP aging detection modes, When the ARP aging detection mode is unicast, the device sends the ARP aging detection packet in unicast mode before aging. When the ARP aging detection mode is broadcast, the device sends ARP aging detection packets in broadcast mode before aging. By default, the broadcast mode is used.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.16.1.3	hwArpEntryExpireFakeTime	Integer32(1..36000)	Read-write	This object indicates the expire time of ARP fake entry. The valid range is from 1 to 36000, and the default value is 3.	This object is implemented as defined in the corresponding MIB files.

Creation Restriction

The entries in this table can be created without restriction.

Modification Restriction

The entries in this table can be modified without restriction.

Deletion Restriction

None.

Access Restriction

None.

hwArpDynTable

The table describes the dynamic ARP entries of the device.

The index of this table is hwArpDynIfIndex, hwArpDynIpAdd and hwArpDynVrf.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.17.1.1	hwArpDynIfIndex	Integer32(1..2147483647)	Not-accessible	This object indicates the index of the Layer 3 interface that generates a dynamic ARP entry. The value 0 is invalid.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.17.1.2	hwArpDynIpAdd	OCTET STRING (SIZE (4))	Not-accessible	This object indicates the IP address of a dynamic ARP entry. The value 0 is invalid.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.17.1.3	hwArpDynVrf	OCTET STRING (SIZE (0..32))	Not-accessible	This object indicates the VPN name of a dynamic ARP entry.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.17.1.11	hwArpDynMacAdd	DisplayString (SIZE (0..255))	Read-only	This object indicates the MAC address of a dynamic ARP entry.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.17.1.12	hwArpDynVlanId	Integer32(0..4096)	Read-only	This object indicates the VLAN of a dynamic ARP entry.	This object is implemented as defined in the corresponding MIB files. The value ranges from 1 to 4094.
1.3.6.1.4.1.2011.5.25.123.1.17.1.13	hwArpDynCeVlanId	Integer32(0..4096)	Read-only	This object indicates the inner VLAN of a dynamic ARP entry.	This object is implemented as defined in the corresponding MIB files. The value ranges from 1 to 4094.
1.3.6.1.4.1.2011.5.25.123.1.17.1.14	hwArpDynOutIfIndex	INTEGER	Read-only	This object indicates the index of the outbound interface for a dynamic ARP entry.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.17.1.15	hwArpDynExpireTime	Integer32(0..2147483647)	Read-only	This object indicates the expire time of a dynamic ARP entry.	This object is implemented as defined in the corresponding MIB files.

Creation Restriction

No entry can be created in this table.

Modification Restriction

The entries in this table cannot be modified.

Deletion Restriction

The entries in this table cannot be deleted.

Access Restriction

None

hwArpCfgTable

This table is used to configure and query static ARP entries.

The index of this table is hwArpCfgIpAdd and hwArpCfgVrf.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.18.1.1	hwArpCfgIpAdd	OCTET STRING (SIZE (4))	Not-accessible	This object indicates the IP address of a configured static ARP entry. The value 0 is invalid.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.18.1.2	hwArpCfgMacAdd	OCTET STRING (SIZE (6))	Read-create	This object indicates the MAC address of a configured static ARP entry.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.18.1.3	hwArpCfgVrf	OCTET STRING (SIZE (0..32))	Not-accessible	This object indicates the VPN name of a configured static ARP entry.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.18.1.11	hwArpCfgVlanId	Integer32 (0..4096)	Read-create	This object indicates the VLAN of a configured static ARP entry.	This object is implemented as defined in the corresponding MIB files. The value ranges from 1 to 4094.
1.3.6.1.4.1.2011.5.25.123.1.18.1.12	hwArpCfgCeVlanId	Integer32 (0..4096)	Read-create	This object indicates the inner VLAN of a configured static ARP entry.	This object is implemented as defined in the corresponding MIB files. The value ranges from 1 to 4094.
1.3.6.1.4.1.2011.5.25.123.1.18.1.13	hwArpCfgOutIfIndex	Integer32 (0..2147483647)	Read-create	This object indicates the index of the outbound interface of a configured static ARP entry.	This object is implemented as defined in the corresponding MIB files.
1.3.6.1.4.1.2011.5.25.123.1.18.1.51	hwArpCfgRowstatus	INTEGER{active(1),notInService(2),notReady(3),createAndGo(4),createAndWait(5),destroy(6)}	Read-create	This object indicates the row status of a configured static ARP entry.	This object is implemented as defined in the corresponding MIB files.

Creation Restriction

None

Modification Restriction

None

Deletion Restriction

None

Access Restriction

None

hwArpSecValidateTable

This table is used to enable an interface to check the received ARP packet to determine whether the source MAC address and destination MAC address in the Ethernet packet header are the same as those in the Data field of the ARP packet. If they are not the same, the ARP packet is discarded. If they are the same, the ARP packet is forwarded.

The index of this table is hwArpSecValidateIfIndex.

OID	Object Name	Syntax	Max Access	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.1.24.1.1	hwArpSecValidateIfIndex	INTEGER	Not-accessible	This object indicates the index of the interface that is enabled to check ARP packets.	This object is implemented as defined in the corresponding MIB file.
1.3.6.1.4.1.2011.5.25.123.1.24.1.2	hwArpSecValidateSmac	INTEGER{enabled(1),disabled(2)}	Read-create	This object indicates that an interface is enabled to check the received ARP packet to determine whether the source MAC address in the Ethernet packet header is the same as that in the Data field of the ARP packet.	This object is implemented as defined in the corresponding MIB file.
1.3.6.1.4.1.2011.5.25.123.1.24.1.3	hwArpSecValidateDmac	INTEGER{enabled(1),disabled(2)}	Read-create	This object indicates that an interface is enabled to check the received ARP packet to determine whether the destination MAC address in the Ethernet packet header is the same as that in the Data field of the ARP packet.	This object is implemented as defined in the corresponding MIB file.
1.3.6.1.4.1.2011.5.25.123.1.24.1.51	hwArpSecValidateRowStatus	INTEGER{active(1),notInService(2),notReady(3),createAndGo(4),createAndWait(5),destroy(6)}	Read-create	This object indicates the row status.	This object is implemented as defined in the corresponding MIB file.

Creation Restriction

This table cannot be created on sub-interfaces, VLANIF interfaces, or Eth-Trunk member interfaces.

When creating this table, ensure that an interface is enabled to check the received ARP packet to determine whether the source MAC address or destination MAC address in the Ethernet packet header is the same as that in the Data field of the ARP packet.

Modification Restriction

None

Deletion Restriction

None

Access Restriction

The entries in this table can be read without restriction.

Description of Alarm Objects

hwEthernetARPSpeedLimitAlarm

OID	Object Name	Bound Variable	Description	Max Access
1.3.6.1.4.1.2011.5.25.123.2.1	hwEthernetARPSpeedLimitAlarm	hwEthernetARPSpeedLimitIfIndex hwEthernetARPSpeedLimitConfigured hwEthernetARPSpeedLimitCurrent hwEthernetARPSpeedLimitType hwEthernetARPSpeedLimitSrcIPAddr hwEthernetARPSpeedLimitDstIPAddr hwEthernetARPSpeedLimitVPNinstance	An alarm is generated when the rate at which the interface receives ARP packets exceeds the rate set by ARP timestamp suppression.	This object is implemented as defined in the corresponding MIB files.

OID

Object Name

Bound Variable

Description

Max Access

1.3.6.1.4.1.2011.5.25.123.2.1

hwEthernetARPSpeedLimitAlarm

hwEthernetARPSpeedLimitIfIndex

hwEthernetARPSpeedLimitConfigured

hwEthernetARPSpeedLimitCurrent

hwEthernetARPSpeedLimitType

hwEthernetARPSpeedLimitSrcIPAddr

hwEthernetARPSpeedLimitDstIPAddr

hwEthernetARPSpeedLimitVPNinstance

An alarm is generated when the rate at which the interface receives ARP packets exceeds the rate set by ARP timestamp suppression.

This object is implemented as defined in the corresponding MIB files.

hwEthernetARPThresholdExceedAlarm

OID	Object Name	Bound Variable	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.2.4	hwEthernetARPThresholdExceedAlarm	1: entPhysicalName 2: hwEthernetARPThresholdValue 3: hwEthernetARPThresholdDynamicNumber 4: hwEthernetARPThresholdStaticNumber	The number of ARP entries on the device exceeded the upper threshold.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPThresholdResumeAlarm

OID	Object Name	Bound Variable	Description	Implemented Specifications
1.3.6.1.4.1.2011.5.25.123.2.5	hwEthernetARPThresholdResumeAlarm	1: entPhysicalName 2: hwEthernetARPThresholdValue 3: hwEthernetARPThresholdDynamicNumber 4: hwEthernetARPThresholdStaticNumber	The number of ARP entries on the device fell below the upper threshold.	This object is implemented as defined in the corresponding MIB files.

hwEthernetARPIPConflictEvent

OID	Object Name	Bound Variable	Description	Max Access
1.3.6.1.4.1.2011.5.25.123.2.6	hwEthernetARPIPConflictEvent	hwEthernetARPIPConflictIPAddress hwEthernetARPIPConflictLocalInterfaceName hwEthernetARPIPConflictLocalMAC hwEthernetARPIPConflictLocalVLAN hwEthernetARPIPConflictLocalCEVLAN hwEthernetARPIPConflictReceiveInterfaceName hwEthernetARPIPConflictReceiveMAC hwEthernetARPIPConflictReceiveVLAN hwEthernetARPIPConflictReceiveCEVLAN hwEthernetARPIPConflictType	IP address conflict is detected by the device, and the IP address conflict alarm is generated.	This object is implemented as defined in the corresponding MIB files.

Unsupported Objects

The functions corresponding to the following objects are not supported on the device. Do not use these MIB objects to maintain the device.

Table 46-1 List of unsupported objects

Object ID	Object Name	Table
1.3.6.1.4.1.2011.5.25.123.1.29.1.1	hwEthernetARPLearnStopSlot	hwEthernetARPLearnStopTable
1.3.6.1.4.1.2011.5.25.123.1.29.1.2	hwEthernetARPLearnStopThreshold	hwEthernetARPLearnStopTable

Functions Overview
Relationship Between Tables
Description of Single Objects
Description of MIB Tables
Description of Alarm Objects
Unsupported Objects

Translation

简体中文

Download

Updated: 2022-05-25

Document ID: EDOC1100126932

Downloads: 106

Average rating:

This Document Applies to these Products

Related Version

Digital Signature File

Digital Signature Authentication Mode

Enterprise

Huawei Cloud

Carrier

Consumer

Corporate

This document provides the function overview, relationships between tables, description of single objects, description of MIB tables, and description of alarm objects.

Functions Overview

Relationship Between Tables

Description of Single Objects

hwEthernetARPAntiAttackLog

hwEthernetARPLearningStrict

hwEthernetARPSpeedLimitIfIndex

hwEthernetARPSpeedLimitConfigured

hwEthernetARPSpeedLimitCurrent

hwEthernetARPSpeedLimitType

hwEthernetARPSpeedLimitSrcIPAddr

hwEthernetARPSpeedLimitDstIPAddr

hwEthernetARPSpeedLimitVPNinstance

hwEthernetARPThresholdValue

hwEthernetARPThresholdDynamicNumber

hwEthernetARPThresholdStaticNumber

hwEthernetARPConflictDetect

Description of MIB Tables

hwEthernetARPSpeedLimitTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwEthernetARPStaticsTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwEthARPLimitTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwEthernetARPLearningStrictInterfaceTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwArpEntryExpireControlTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwArpDynTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwArpCfgTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

hwArpSecValidateTable

Creation Restriction

Modification Restriction

Deletion Restriction

Access Restriction

Description of Alarm Objects

hwEthernetARPSpeedLimitAlarm

hwEthernetARPThresholdExceedAlarm

hwEthernetARPThresholdResumeAlarm

hwEthernetARPIPConflictEvent

Unsupported Objects

Related Version

Related Documents

Digital Signature File