TUNNEL-MIB DEFINITIONS ::= BEGIN

IMPORTS

    MODULE-IDENTITY, OBJECT-TYPE, transmission,

    Integer32, IpAddress    FROM SNMPv2-SMI          -- [RFC2578]

    RowStatus, StorageType  FROM SNMPv2-TC           -- [RFC2579]

    MODULE-COMPLIANCE,

    OBJECT-GROUP            FROM SNMPv2-CONF         -- [RFC2580]

    InetAddressType,

    InetAddress             FROM INET-ADDRESS-MIB    -- [RFC4001]

    IPv6FlowLabelOrAny      FROM IPV6-FLOW-LABEL-MIB -- [RFC3595]

    ifIndex,

    InterfaceIndexOrZero    FROM IF-MIB              -- [RFC2863]

    IANAtunnelType          FROM IANAifType-MIB;     -- [IFTYPE]

tunnelMIB MODULE-IDENTITY

    LAST-UPDATED "200505160000Z" -- May 16, 2005

    ORGANIZATION "IETF IP Version 6 (IPv6) Working Group"

    CONTACT-INFO

            " Dave Thaler

              Microsoft Corporation

              One Microsoft Way

              Redmond, WA  98052-6399

              EMail: dthaler@microsoft.com"

    DESCRIPTION

            "The MIB module for management of IP Tunnels,

            independent of the specific encapsulation scheme in

            use.

            Copyright (C) The Internet Society (2005).  This

            version of this MIB module is part of RFC 4087;  see

            the RFC itself for full legal notices."

    REVISION     "200505160000Z" -- May 16, 2005

    DESCRIPTION

            "IPv4-specific objects were deprecated, including

            tunnelIfLocalAddress, tunnelIfRemoteAddress, the

            tunnelConfigTable, and the tunnelMIBBasicGroup.

            Added IP version-agnostic objects that should be used

            instead, including tunnelIfAddressType,

            tunnelIfLocalInetAddress, tunnelIfRemoteInetAddress,

            the tunnelInetConfigTable, and the

            tunnelIMIBInetGroup.

            The new tunnelIfLocalInetAddress and

            tunnelIfRemoteInetAddress objects are read-write,

            rather than read-only.

            Updated DESCRIPTION clauses of existing version-

            agnostic objects (e.g., tunnelIfTOS) that contained

            IPv4-specific text to cover IPv6 as well.

            Added tunnelIfFlowLabel for tunnels over IPv6.

            The encapsulation method was previously an INTEGER

            type, and is now an IANA-maintained textual

            convention.

            Published as RFC 4087."

    REVISION     "199908241200Z" -- August 24, 1999

    DESCRIPTION

            "Initial version, published as RFC 2667."

    ::= { transmission 131 }

tunnelMIBObjects OBJECT IDENTIFIER ::= { tunnelMIB 1 }

tunnel      OBJECT IDENTIFIER ::= { tunnelMIBObjects 1 }

-- the IP Tunnel MIB-Group

--

-- a collection of objects providing information about

-- IP Tunnels

tunnelIfTable OBJECT-TYPE

    SYNTAX     SEQUENCE OF TunnelIfEntry

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "The (conceptual) table containing information on

            configured tunnels."

    ::= { tunnel 1 }

tunnelIfEntry OBJECT-TYPE

    SYNTAX     TunnelIfEntry

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "An entry (conceptual row) containing the information

            on a particular configured tunnel."

    INDEX      { ifIndex }

    ::= { tunnelIfTable 1 }

TunnelIfEntry ::= SEQUENCE {

    tunnelIfLocalAddress            IpAddress,   -- deprecated

    tunnelIfRemoteAddress           IpAddress,   -- deprecated

    tunnelIfEncapsMethod            IANAtunnelType,

    tunnelIfHopLimit                Integer32,

    tunnelIfSecurity                INTEGER,

    tunnelIfTOS                     Integer32,

    tunnelIfFlowLabel               IPv6FlowLabelOrAny,

    tunnelIfAddressType             InetAddressType,

    tunnelIfLocalInetAddress        InetAddress,

    tunnelIfRemoteInetAddress       InetAddress,

    tunnelIfEncapsLimit             Integer32

}

tunnelIfLocalAddress OBJECT-TYPE

    SYNTAX     IpAddress

    MAX-ACCESS read-only

    STATUS     deprecated

    DESCRIPTION

            "The address of the local endpoint of the tunnel

            (i.e., the source address used in the outer IP

            header), or 0.0.0.0 if unknown or if the tunnel is

            over IPv6.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelIfLocalInetAddress."

    ::= { tunnelIfEntry 1 }

tunnelIfRemoteAddress OBJECT-TYPE

    SYNTAX     IpAddress

    MAX-ACCESS read-only

    STATUS     deprecated

    DESCRIPTION

            "The address of the remote endpoint of the tunnel

            (i.e., the destination address used in the outer IP

            header), or 0.0.0.0 if unknown, or an IPv6 address, or

            the tunnel is not a point-to-point link (e.g., if it

            is a 6to4 tunnel).

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelIfRemoteInetAddress."

    ::= { tunnelIfEntry 2 }

tunnelIfEncapsMethod OBJECT-TYPE

    SYNTAX     IANAtunnelType

    MAX-ACCESS read-only

    STATUS     current

    DESCRIPTION

            "The encapsulation method used by the tunnel."

    ::= { tunnelIfEntry 3 }

tunnelIfHopLimit OBJECT-TYPE

    SYNTAX     Integer32 (0 | 1..255)

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The IPv4 TTL or IPv6 Hop Limit to use in the outer IP

            header.  A value of 0 indicates that the value is

            copied from the payload's header."

    ::= { tunnelIfEntry 4 }

tunnelIfSecurity OBJECT-TYPE

    SYNTAX     INTEGER {

                   none(1),   -- no security

                   ipsec(2),  -- IPsec security

                   other(3)

               }

    MAX-ACCESS read-only

    STATUS     current

    DESCRIPTION

            "The method used by the tunnel to secure the outer IP

            header.  The value ipsec indicates that IPsec is used

            between the tunnel endpoints for authentication or

            encryption or both.  More specific security-related

            information may be available in a MIB module for the

            security protocol in use."

    ::= { tunnelIfEntry 5 }

tunnelIfTOS OBJECT-TYPE

    SYNTAX     Integer32 (-2..63)

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The method used to set the high 6 bits (the

            differentiated services codepoint) of the IPv4 TOS or

            IPv6 Traffic Class in the outer IP header.  A value of

            -1 indicates that the bits are copied from the

            payload's header.  A value of -2 indicates that a

            traffic conditioner is invoked and more information

            may be available in a traffic conditioner MIB module.

            A value between 0 and 63 inclusive indicates that the

            bit field is set to the indicated value.

            Note: instead of the name tunnelIfTOS, a better name

            would have been tunnelIfDSCPMethod, but the existing

            name appeared in RFC 2667 and existing objects cannot

            be renamed."

    ::= { tunnelIfEntry 6 }

tunnelIfFlowLabel OBJECT-TYPE

    SYNTAX     IPv6FlowLabelOrAny

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The method used to set the IPv6 Flow Label value.

            This object need not be present in rows where

            tunnelIfAddressType indicates the tunnel is not over

            IPv6.  A value of -1 indicates that a traffic

            conditioner is invoked and more information may be

            available in a traffic conditioner MIB.  Any other

            value indicates that the Flow Label field is set to

            the indicated value."

    ::= { tunnelIfEntry 7 }

tunnelIfAddressType OBJECT-TYPE

    SYNTAX     InetAddressType

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The type of address in the corresponding

            tunnelIfLocalInetAddress and tunnelIfRemoteInetAddress

            objects."

    ::= { tunnelIfEntry 8 }

tunnelIfLocalInetAddress OBJECT-TYPE

    SYNTAX     InetAddress

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The address of the local endpoint of the tunnel

            (i.e., the source address used in the outer IP

            header).  If the address is unknown, the value is

            0.0.0.0 for IPv4 or :: for IPv6.  The type of this

            object is given by tunnelIfAddressType."

    ::= { tunnelIfEntry 9 }

tunnelIfRemoteInetAddress OBJECT-TYPE

    SYNTAX     InetAddress

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The address of the remote endpoint of the tunnel

            (i.e., the destination address used in the outer IP

            header).  If the address is unknown or the tunnel is

            not a point-to-point link (e.g., if it is a 6to4

            tunnel), the value is 0.0.0.0 for tunnels over IPv4 or

            :: for tunnels over IPv6.  The type of this object is

            given by tunnelIfAddressType."

    ::= { tunnelIfEntry 10 }

tunnelIfEncapsLimit OBJECT-TYPE

    SYNTAX     Integer32 (-1 | 0..255)

    MAX-ACCESS read-write

    STATUS     current

    DESCRIPTION

            "The maximum number of additional encapsulations

            permitted for packets undergoing encapsulation at this

            node.  A value of -1 indicates that no limit is

            present (except as a result of the packet size)."

    REFERENCE  "RFC 2473, section 4.1.1"

    ::= { tunnelIfEntry 11 }

tunnelConfigTable OBJECT-TYPE

    SYNTAX     SEQUENCE OF TunnelConfigEntry

    MAX-ACCESS not-accessible

    STATUS     deprecated

    DESCRIPTION

            "The (conceptual) table containing information on

            configured tunnels.  This table can be used to map a

            set of tunnel endpoints to the associated ifIndex

            value.  It can also be used for row creation.  Note

            that every row in the tunnelIfTable with a fixed IPv4

            destination address should have a corresponding row in

            the tunnelConfigTable, regardless of whether it was

            created via SNMP.

            Since this table does not support IPv6, it is

            deprecated in favor of tunnelInetConfigTable."

    ::= { tunnel 2 }

tunnelConfigEntry OBJECT-TYPE

    SYNTAX     TunnelConfigEntry

    MAX-ACCESS not-accessible

    STATUS     deprecated

    DESCRIPTION

            "An entry (conceptual row) containing the information

            on a particular configured tunnel.

            Since this entry does not support IPv6, it is

            deprecated in favor of tunnelInetConfigEntry."

    INDEX      { tunnelConfigLocalAddress,

                 tunnelConfigRemoteAddress,

                 tunnelConfigEncapsMethod,

                 tunnelConfigID }

    ::= { tunnelConfigTable 1 }

TunnelConfigEntry ::= SEQUENCE {

    tunnelConfigLocalAddress            IpAddress,

    tunnelConfigRemoteAddress           IpAddress,

    tunnelConfigEncapsMethod            IANAtunnelType,

    tunnelConfigID                      Integer32,

    tunnelConfigIfIndex                 InterfaceIndexOrZero,

    tunnelConfigStatus                  RowStatus

}

tunnelConfigLocalAddress OBJECT-TYPE

    SYNTAX     IpAddress

    MAX-ACCESS not-accessible

    STATUS     deprecated

    DESCRIPTION

            "The address of the local endpoint of the tunnel, or

            0.0.0.0 if the device is free to choose any of its

            addresses at tunnel establishment time.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelInetConfigLocalAddress."

    ::= { tunnelConfigEntry 1 }

tunnelConfigRemoteAddress OBJECT-TYPE

    SYNTAX     IpAddress

    MAX-ACCESS not-accessible

    STATUS     deprecated

    DESCRIPTION

            "The address of the remote endpoint of the tunnel.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelInetConfigRemoteAddress."

    ::= { tunnelConfigEntry 2 }

tunnelConfigEncapsMethod OBJECT-TYPE

    SYNTAX     IANAtunnelType

    MAX-ACCESS not-accessible

    STATUS     deprecated

    DESCRIPTION

            "The encapsulation method used by the tunnel.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelInetConfigEncapsMethod."

    ::= { tunnelConfigEntry 3 }

tunnelConfigID OBJECT-TYPE

    SYNTAX     Integer32 (1..2147483647)

    MAX-ACCESS not-accessible

    STATUS     deprecated

    DESCRIPTION

            "An identifier used to distinguish between multiple

            tunnels of the same encapsulation method, with the

            same endpoints.  If the encapsulation protocol only

            allows one tunnel per set of endpoint addresses (such

            as for GRE or IP-in-IP), the value of this object is

            1.  For encapsulation methods (such as L2F) which

            allow multiple parallel tunnels, the manager is

            responsible for choosing any ID which does not

            conflict with an existing row, such as choosing a

            random number.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelInetConfigID."

    ::= { tunnelConfigEntry 4 }

tunnelConfigIfIndex OBJECT-TYPE

    SYNTAX     InterfaceIndexOrZero

    MAX-ACCESS read-only

    STATUS     deprecated

    DESCRIPTION

            "If the value of tunnelConfigStatus for this row is

            active, then this object contains the value of ifIndex

            corresponding to the tunnel interface.  A value of 0

            is not legal in the active state, and means that the

            interface index has not yet been assigned.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelInetConfigIfIndex."

    ::= { tunnelConfigEntry 5 }

tunnelConfigStatus OBJECT-TYPE

    SYNTAX     RowStatus

    MAX-ACCESS read-create

    STATUS     deprecated

    DESCRIPTION

            "The status of this row, by which new entries may be

            created, or old entries deleted from this table.  The

            agent need not support setting this object to

            createAndWait or notInService since there are no other

            writable objects in this table, and writable objects

            in rows of corresponding tables such as the

            tunnelIfTable may be modified while this row is

            active.

            To create a row in this table for an encapsulation

            method which does not support multiple parallel

            tunnels with the same endpoints, the management

            station should simply use a tunnelConfigID of 1, and

            set tunnelConfigStatus to createAndGo.  For

            encapsulation methods such as L2F which allow multiple

            parallel tunnels, the management station may select a

            pseudo-random number to use as the tunnelConfigID and

            set tunnelConfigStatus to createAndGo.  In the event

            that this ID is already in use and an

            inconsistentValue is returned in response to the set

            operation, the management station should simply select

            a new pseudo-random number and retry the operation.

            Creating a row in this table will cause an interface

            index to be assigned by the agent in an

            implementation-dependent manner, and corresponding

            rows will be instantiated in the ifTable and the

            tunnelIfTable.  The status of this row will become

            active as soon as the agent assigns the interface

            index, regardless of whether the interface is

            operationally up.

            Deleting a row in this table will likewise delete the

            corresponding row in the ifTable and in the

            tunnelIfTable.

            Since this object does not support IPv6, it is

            deprecated in favor of tunnelInetConfigStatus."

    ::= { tunnelConfigEntry 6 }

tunnelInetConfigTable OBJECT-TYPE

    SYNTAX     SEQUENCE OF TunnelInetConfigEntry

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "The (conceptual) table containing information on

            configured tunnels.  This table can be used to map a

            set of tunnel endpoints to the associated ifIndex

            value.  It can also be used for row creation.  Note

            that every row in the tunnelIfTable with a fixed

            destination address should have a corresponding row in

            the tunnelInetConfigTable, regardless of whether it

            was created via SNMP."

    ::= { tunnel 3 }

tunnelInetConfigEntry OBJECT-TYPE

    SYNTAX     TunnelInetConfigEntry

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "An entry (conceptual row) containing the information

            on a particular configured tunnel.  Note that there is

            a 128 subid maximum for object OIDs.  Implementers

            need to be aware that if the total number of octets in

            tunnelInetConfigLocalAddress and

            tunnelInetConfigRemoteAddress exceeds 110 then OIDs of

            column instances in this table will have more than 128

            sub-identifiers and cannot be accessed using SNMPv1,

            SNMPv2c, or SNMPv3.  In practice this is not expected

            to be a problem since IPv4 and IPv6 addresses will not

            cause the limit to be reached, but if other types are

            supported by an agent, care must be taken to ensure

            that the sum of the lengths do not cause the limit to

            be exceeded."

    INDEX      { tunnelInetConfigAddressType,

                 tunnelInetConfigLocalAddress,

                 tunnelInetConfigRemoteAddress,

                 tunnelInetConfigEncapsMethod,

                 tunnelInetConfigID }

    ::= { tunnelInetConfigTable 1 }

TunnelInetConfigEntry ::= SEQUENCE {

    tunnelInetConfigAddressType         InetAddressType,

    tunnelInetConfigLocalAddress        InetAddress,

    tunnelInetConfigRemoteAddress       InetAddress,

    tunnelInetConfigEncapsMethod        IANAtunnelType,

    tunnelInetConfigID                  Integer32,

    tunnelInetConfigIfIndex             InterfaceIndexOrZero,

    tunnelInetConfigStatus              RowStatus,

    tunnelInetConfigStorageType         StorageType

}

tunnelInetConfigAddressType OBJECT-TYPE

    SYNTAX     InetAddressType

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "The address type over which the tunnel encapsulates

            packets."

    ::= { tunnelInetConfigEntry 1 }

tunnelInetConfigLocalAddress OBJECT-TYPE

    SYNTAX     InetAddress

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "The address of the local endpoint of the tunnel, or

            0.0.0.0 (for IPv4) or :: (for IPv6) if the device is

            free to choose any of its addresses at tunnel

            establishment time."

    ::= { tunnelInetConfigEntry 2 }

tunnelInetConfigRemoteAddress OBJECT-TYPE

    SYNTAX     InetAddress

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "The address of the remote endpoint of the tunnel."

    ::= { tunnelInetConfigEntry 3 }

tunnelInetConfigEncapsMethod OBJECT-TYPE

    SYNTAX     IANAtunnelType

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "The encapsulation method used by the tunnel."

    ::= { tunnelInetConfigEntry 4 }

tunnelInetConfigID OBJECT-TYPE

    SYNTAX     Integer32 (1..2147483647)

    MAX-ACCESS not-accessible

    STATUS     current

    DESCRIPTION

            "An identifier used to distinguish between multiple

            tunnels of the same encapsulation method, with the

            same endpoints.  If the encapsulation protocol only

            allows one tunnel per set of endpoint addresses (such

            as for GRE or IP-in-IP), the value of this object is

            1.  For encapsulation methods (such as L2F) which

            allow multiple parallel tunnels, the manager is

            responsible for choosing any ID which does not

            conflict with an existing row, such as choosing a

            random number."

    ::= { tunnelInetConfigEntry 5 }

tunnelInetConfigIfIndex OBJECT-TYPE

    SYNTAX     InterfaceIndexOrZero

    MAX-ACCESS read-only

    STATUS     current

    DESCRIPTION

            "If the value of tunnelInetConfigStatus for this row

            is active, then this object contains the value of

            ifIndex corresponding to the tunnel interface.  A

            value of 0 is not legal in the active state, and means

            that the interface index has not yet been assigned."

    ::= { tunnelInetConfigEntry 6 }

tunnelInetConfigStatus OBJECT-TYPE

    SYNTAX     RowStatus

    MAX-ACCESS read-create

    STATUS     current

    DESCRIPTION

            "The status of this row, by which new entries may be

            created, or old entries deleted from this table.  The

            agent need not support setting this object to

            createAndWait or notInService since there are no other

            writable objects in this table, and writable objects

            in rows of corresponding tables such as the

            tunnelIfTable may be modified while this row is

            active.

            To create a row in this table for an encapsulation

            method which does not support multiple parallel

            tunnels with the same endpoints, the management

            station should simply use a tunnelInetConfigID of 1,

            and set tunnelInetConfigStatus to createAndGo.  For

            encapsulation methods such as L2F which allow multiple

            parallel tunnels, the management station may select a

            pseudo-random number to use as the tunnelInetConfigID

            and set tunnelInetConfigStatus to createAndGo.  In the

            event that this ID is already in use and an

            inconsistentValue is returned in response to the set

            operation, the management station should simply select

            a new pseudo-random number and retry the operation.

            Creating a row in this table will cause an interface

            index to be assigned by the agent in an

            implementation-dependent manner, and corresponding

            rows will be instantiated in the ifTable and the

            tunnelIfTable.  The status of this row will become

            active as soon as the agent assigns the interface

            index, regardless of whether the interface is

            operationally up.

            Deleting a row in this table will likewise delete the

            corresponding row in the ifTable and in the

            tunnelIfTable."

    ::= { tunnelInetConfigEntry 7 }

tunnelInetConfigStorageType OBJECT-TYPE

    SYNTAX     StorageType

    MAX-ACCESS read-create

    STATUS     current

    DESCRIPTION

            "The storage type of this row.  If the row is

            permanent(4), no objects in the row need be writable."

    ::= { tunnelInetConfigEntry 8 }

-- conformance information

tunnelMIBConformance

                  OBJECT IDENTIFIER ::= { tunnelMIB 2 }

tunnelMIBCompliances

                  OBJECT IDENTIFIER ::= { tunnelMIBConformance 1 }

tunnelMIBGroups  OBJECT IDENTIFIER ::= { tunnelMIBConformance 2 }

-- compliance statements

tunnelMIBCompliance MODULE-COMPLIANCE

    STATUS  deprecated

    DESCRIPTION

            "The (deprecated) IPv4-only compliance statement for

            the IP Tunnel MIB.

            This is deprecated in favor of

            tunnelMIBInetFullCompliance and

            tunnelMIBInetReadOnlyCompliance."

    MODULE  -- this module

    MANDATORY-GROUPS { tunnelMIBBasicGroup }

        OBJECT      tunnelIfHopLimit

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelIfTOS

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelConfigStatus

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

   ::= { tunnelMIBCompliances 1 }

tunnelMIBInetFullCompliance MODULE-COMPLIANCE

    STATUS  current

    DESCRIPTION

            "The full compliance statement for the IP Tunnel MIB."

    MODULE  -- this module

    MANDATORY-GROUPS { tunnelMIBInetGroup }

        OBJECT      tunnelIfAddressType

        SYNTAX      InetAddressType { ipv4(1), ipv6(2),

                                      ipv4z(3), ipv6z(4) }

        DESCRIPTION

            "An implementation is only required to support IPv4

            and/or IPv6 addresses.  An implementation only needs to

            support the addresses it actually supports on the

            device."

   ::= { tunnelMIBCompliances 2 }

tunnelMIBInetReadOnlyCompliance MODULE-COMPLIANCE

    STATUS  current

    DESCRIPTION

            "The read-only compliance statement for the IP Tunnel

            MIB."

    MODULE  -- this module

    MANDATORY-GROUPS { tunnelMIBInetGroup }

        OBJECT      tunnelIfHopLimit

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelIfTOS

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelIfFlowLabel

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelIfAddressType

        SYNTAX      InetAddressType { ipv4(1), ipv6(2),

                                      ipv4z(3), ipv6z(4) }

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required.

            An implementation is only required to support IPv4

            and/or IPv6 addresses.  An implementation only needs to

            support the addresses it actually supports on the

            device."

        OBJECT      tunnelIfLocalInetAddress

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelIfRemoteInetAddress

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelIfEncapsLimit

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

        OBJECT      tunnelInetConfigStatus

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required, and active is the only

            status that needs to be supported."

        OBJECT      tunnelInetConfigStorageType

        MIN-ACCESS  read-only

        DESCRIPTION

            "Write access is not required."

   ::= { tunnelMIBCompliances 3 }

-- units of conformance

tunnelMIBBasicGroup OBJECT-GROUP

    OBJECTS { tunnelIfLocalAddress, tunnelIfRemoteAddress,

       tunnelIfEncapsMethod, tunnelIfHopLimit, tunnelIfTOS,

       tunnelIfSecurity, tunnelConfigIfIndex, tunnelConfigStatus }

    STATUS  deprecated

    DESCRIPTION

            "A collection of objects to support basic management

            of IPv4 Tunnels.  Since this group cannot support

            IPv6, it is deprecated in favor of

            tunnelMIBInetGroup."

    ::= { tunnelMIBGroups 1 }

tunnelMIBInetGroup OBJECT-GROUP

    OBJECTS { tunnelIfAddressType, tunnelIfLocalInetAddress,

       tunnelIfRemoteInetAddress, tunnelIfEncapsMethod,

       tunnelIfEncapsLimit,

       tunnelIfHopLimit, tunnelIfTOS, tunnelIfFlowLabel,

       tunnelIfSecurity, tunnelInetConfigIfIndex,

       tunnelInetConfigStatus, tunnelInetConfigStorageType }

    STATUS  current

    DESCRIPTION

            "A collection of objects to support basic management

            of IPv4 and IPv6 Tunnels."

    ::= { tunnelMIBGroups 2 }

END