Reference record for OID 1.3.6.1.4.1.9.10.110


parent
1.3.6.1.4.1.9.10 (ciscoExperiment)
node code
110
node name
ciscoDot11ContextServicesMIB
dot oid
1.3.6.1.4.1.9.10.110
type
OBJECT IDENTIFIER
asn1 oid
  • {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) cisco(9) ciscoExperiment(10) ciscoDot11ContextServicesMIB(110)}
  • {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprises(1) cisco(9) ciscoExperiment(10) ciscoDot11ContextServicesMIB(110)}
  • {iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) cisco(9) ciscoExperiment(10) ciscoDot11ContextServicesMIB(110)}
  • {iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) cisco(9) ciscoExperiment(10) ciscoDot11ContextServicesMIB(110)}
  • {iso(1) iso-identified-organization(3) dod(6) internet(1) private(4) enterprise(1) cisco(9) ciscoExperiment(10) ciscoDot11ContextServicesMIB(110)}
  • {iso(1) iso-identified-organization(3) dod(6) internet(1) private(4) enterprises(1) cisco(9) ciscoExperiment(10) ciscoDot11ContextServicesMIB(110)}
  • iri oid
  • /iso/identified-organization/dod/internet/private/enterprise/cisco/ciscoExperiment/ciscoDot11ContextServicesMIB
  • /iso/identified-organization/dod/internet/private/enterprises/cisco/ciscoExperiment/ciscoDot11ContextServicesMIB
  • /iso/org/dod/internet/private/enterprise/cisco/ciscoExperiment/ciscoDot11ContextServicesMIB
  • /iso/org/dod/internet/private/enterprises/cisco/ciscoExperiment/ciscoDot11ContextServicesMIB
  • /iso/iso-identified-organization/dod/internet/private/enterprise/cisco/ciscoExperiment/ciscoDot11ContextServicesMIB
  • /iso/iso-identified-organization/dod/internet/private/enterprises/cisco/ciscoExperiment/ciscoDot11ContextServicesMIB
  • iri by oid_info
    /ISO/Identified-Organization/6/1/4/1/9/10/110

    Description by circitor

    This MIB supports managing the devices offering
    WDS and WNS services.

    The hierarchy of the devices offering the wireless
    domain and network services looks like the following.

    += = = = +
    | |
    | WNS | (Campus level)
    | |
    += = = = +
    / \
    / \
    / \
    / \
    \/ \/
    += = =+ += = =+
    | | | |
    | WNS | | WNS |
    | | | |
    += = =+ += = =+
    / \ \
    / \ \
    / \ \
    / \ \
    \/ \/ \/
    +=====+ +=====+ +=====+
    | | | | | |
    | WDS | | WDS | | WDS | ( Subnet
    | | | | | | level-
    +=====+ +=====+ +=====+ Single
    / \ \ \ broadcast
    / \ \ \ domain )
    / \ \ \
    / \ \ \
    / \ \ \
    \/ \/ \/ \/
    +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+
    + + + + + + + +
    + AP + + AP + + AP + + AP +
    + + + + + + + +
    +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+
    .. . . .
    . . . . .
    . . . . .
    . . . . .
    . . . . .
    \/ \/ \/ \/ \/
    +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+
    + + + + + + + + + +
    + MN + + MN + + WGB + + AP + + MN +
    + + + + + + + + + +
    +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+
    . . .
    . . .
    . . .
    . . .
    \/ \/ \/
    ++++++++ +......+ +......+
    + + + + + +
    + EN + + MN + + MN +
    + + + + + +
    ++++++++ +......+ +......+

    The diagram above depicts the overall campus network
    hierarchy and the services being offered at various
    levels in the hierarchy. Here, Infrastructure Node
    Authentication services are offered by the device
    providing WNS at the root (Campus) level. WNS
    at this level thus span an enterprise campus that
    resides in a geographic location.

    WNS are offered at various levels as shown in the
    hierarchy to achieve scalability. WNS at the
    subsequent levels other than the root level include
    authentication services for MNs and are typically
    confined to a single building.

    At the broadcast domain level, the WDS include
    authentication and registration services for the APs.
    An AP provides Proxy Authentication and registration
    services for the MNs. The APs that connect to parent
    APs through the wireless interface ( as shown by the
    dotted lines ) are Repeater-APs. The WGBs are managed
    in the same manner as the MNs. However, the Ethernet
    Nodes ( EN ) that are connected to the WGB won't be
    served as part of the WDS.

    GLOSSARY

    Access Point ( AP )

    Any entity that contains an 802.11 medium access
    control ( MAC ) and physical layer ( PHY ) interface
    and provides access to the distribution services via
    the wireless medium for associated clients.

    Wireless Bridge

    An 802.11 entity that provides wireless connectivity
    between two wired LAN segments and is used in point-
    to-point or point-multipoint configurations.

    Mobile Node ( MN )

    A roaming 802.11 wireless device in a wireless
    network associated with an access point.


    WorkGroup Bridge ( WGB )

    A work-group bridge is a non-STP AP with an 802.11
    primary port and a secondary Ethernet port that
    provides access to a non-STP secondary Ethernet LAN
    segment. STP refers to the IEEE 802.1D Spanning Tree
    Protocol. An 'STP AP' executes the 802.1D STP and
    the 802.1D STP is operated on an 'STP link'. A
    'non-STP AP' does not execute the 802.1D STP.

    Repeater-AP

    A repeater is a 'wireless AP' that is attached to a
    parent AP on an 802.11 primary port. The Ethernet
    port is disabled in a Repeater-AP.

    Infrastructure Node ( IN )

    This term refers to Access Points, Wireless Bridges
    and those devices that implement and offer WNS and
    WDS as shown in the network hierarchy.

    Ethernet Node ( EN )

    The node that gets the uplink to the Wireless AP
    via the WGB. This node connects to the WGB through
    its primary Ethernet port.

    Context

    The mobility context for an MN includes its current
    mobility bindings with the APs, IP/802 address
    bindings, cached configuration parameters, QoS state,
    IP group membership, authentication state, accounting
    statistics, and other dynamically derived protocol
    state information.

    Wireless Domain Services

    The set of services being offered at a particular
    broadcast domain that may be an IP subnet or a
    particular VLAN. The services include the following.

    1. MN security credential caching to provide seamless,
    secure intra-subnet roaming.

    2. Authenticated context transfer for roaming client
    within the subnet.

    Since, by definition, the WDS are bound to one subnet
    ( broadcast domain ), if implemented in a device
    spanning multiple subnets, the implementation should
    take care to provide separate set of services for
    each of the subnets.

    Wireless Network Services

    The set of services that can be visualized as being
    offered at various levels other than the lowest
    (subnet) level of a hierarchical campus network.

    At the root level, Infrastructure Authentication
    services for all the devices in the network that
    provide WNS and WDS are offered. In case if WNS are
    not distributed at several levels as shown in the
    hierarchy above and is confined to be offered only at
    a single root level, the services offered also
    include authentication services for the MNs.

    WNS Entity

    The logical entity that resides in an infrastructure
    node and offers WNS to the descendants of that
    infrastructure node in the wireless services
    hierarchy.

    WDS Entity

    The logical entity that resides in an infrastructure
    node and offers WDS to the descendants of that
    infrastructure node in the wireless services
    hierarchy.

    WS Entity

    Refers to one of WNS / WDS Entities.

    Parent Node

    The node that immediately precedes an infrastructure
    node in the hierarchy. For mobile nodes, the parent
    APs provide proxy wireless services by talking to
    their immediate parent nodes that offer WDS.

    Root Node

    The infrastructure node that is at the highest level
    in the services hierarchy and that offers WNS.
    The WNS entity acts as the IN Authenticator
    for the rest of the infrastructure nodes. In case if
    WNS are not distributed, the root node also acts as
    the Mobile Node Authenticator ( See description
    below ).

    Descendant

    A node that is in the sub-tree of the campus hierarchy
    tree rooted at the node providing WNS.

    Infrastructure Node ( IN ) Authenticator

    The logical entity that communicates with the AAA
    server and provides authentication Services for the
    infrastructure nodes. Details of the IN
    Authenticator have to be configured in the device
    providing WDS manually. The AP learns about the IN
    Authenticator automatically upon registering with its
    immediate parent. The WDS also includes MN
    authentication services if the entity providing WDS is
    at the root level in the hierarchy.

    Mobile Node ( MN ) Authenticator

    The logical entity that communicates with the AAA
    server and provides authentication Services for mobile
    nodes. An infrastructure node learns the whereabouts
    of the MN Authenticator from the root node.

    Wireless Network Manager ( WNM )

    The network management system that manages the
    entire hierarchy of devices providing WNS and WDS.

    Advertisement

    The process by which the Access Points identify their
    parent nodes providing WDS. APs listen to the
    advertisements of the WDS entities and gets registered
    with one of those entities to facilitate secured
    context transfer.

    WLCCP

    Wireless LAN Context Control Protocol. Used to
    establish and manage the network topology and
    securely manage the 'operational context' for mobile
    stations in a campus network.

    AAA

    Authentication, Authorization, Accounting

    A node will request network access by executing a
    protocol to an authentication server that provides
    protocols and services for providing authentication,
    authorization and session accounting.

    Service Set Identifier ( SSID )

    802.11 Service Set Identifier. An SSID identifies a
    set of mobile nodes grouped into a logical 'service
    set' and the APs that provide access for the service
    set.

    Wired Equivalent Privacy (WEP)

    This protocol uses a pseudo random generator and RC4
    stream cipher and is specified by the 802.11 standard
    as the algorithm for encryption and authentication
    over the wireless segment of the LAN.

    Temporal Key Integrity Protocol ( TKIP )

    This protocol provides initialization vector hashing
    and a Message Integrity Check ( MIC ) to ensure data
    integrity. TKIP includes use of dynamic keys to
    defeat capture of passive keys. TKIP uses the RC4
    cipher as WEP but the difference is that TKIP changes
    temporal keys every 10,000 packets thereby providing a
    dynamic distribution network that enhances the
    security of the network.

    Cisco Key Integrity Protocol ( CKIP )

    A proprietary implementation similar to TKIP. CKIP
    implements key permutation for protecting the CKIP
    key against attacks. Other features of CKIP include
    expansion of encryption key to 16 bytes of length for
    key protection and MIC to ensure data integrity.


    Wireless services at subnet level
    =================================

    +========+
    | |
    | WDS | ( Subnet level - Broadcast
    | | domain )
    +========+
    / \
    / \
    / \
    / \
    / \
    \/ \/
    +~-~-~+ +~-~-~+
    + + + +
    + AP + + AP +
    + + + +
    +~-~-~+ +~-~-~+
    . . .
    . . .
    . . .
    . . .
    . . .
    . . .
    \/ \/ \/
    +......+ +-.-.-.+ +~-~-~-+
    + + + + + +
    + MN + + WGB + + AP +
    + + + + + +
    +......+ +-.-.-.+ +~-~-~-+


    The above diagram depicts how wireless services are
    being offered in an infrastructure node implementing
    WDS. In such a network, the WDS entity provides
    authentication services to both the infrastructure
    and mobile nodes.

    The other entities in the diagram are the Mobile Node
    ( MN ), the Workgroup Bridge (WGB) and another
    AP-in-repeater mode. The Repeater-APs first perform
    initial authentication with the AAA server ( through
    WDS ) and then perform infrastructure authentication
    and registration with the WDS entity. The WGBs go
    through the same procedure as the MNs for
    authentication and registration with the WDS entity.

    Parsed from file CISCO-DOT11-CONTEXT-SERVICES-MIB.mib
    Module: CISCO-DOT11-CONTEXT-SERVICES-MIB

    Description by mibdepot

    This MIB supports managing the devices offering
    WDS and WNS services.

    The hierarchy of the devices offering the wireless
    domain and network services looks like the following.

    += = = = +
    | |
    | WNS | (Campus level)
    | |
    += = = = +
    / \
    / \
    / \
    / \
    \/ \/
    += = =+ += = =+
    | | | |
    | WNS | | WNS |
    | | | |
    += = =+ += = =+
    / \ \
    / \ \
    / \ \
    / \ \
    \/ \/ \/
    +=====+ +=====+ +=====+
    | | | | | |
    | WDS | | WDS | | WDS | ( Subnet
    | | | | | | level-
    +=====+ +=====+ +=====+ Single
    / \ \ \ broadcast
    / \ \ \ domain )
    / \ \ \
    / \ \ \
    / \ \ \
    \/ \/ \/ \/
    +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+
    + + + + + + + +
    + AP + + AP + + AP + + AP +
    + + + + + + + +
    +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+
    .. . . .
    . . . . .
    . . . . .
    . . . . .
    . . . . .
    \/ \/ \/ \/ \/
    +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+
    + + + + + + + + + +
    + MN + + MN + + WGB + + AP + + MN +
    + + + + + + + + + +
    +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+
    . . .
    . . .
    . . .
    . . .
    \/ \/ \/
    ++++++++ +......+ +......+
    + + + + + +
    + EN + + MN + + MN +
    + + + + + +
    ++++++++ +......+ +......+

    The diagram above depicts the overall campus network
    hierarchy and the services being offered at various
    levels in the hierarchy. Here, Infrastructure Node
    Authentication services are offered by the device
    providing WNS at the root (Campus) level. WNS
    at this level thus span an enterprise campus that
    resides in a geographic location.

    WNS are offered at various levels as shown in the
    hierarchy to achieve scalability. WNS at the
    subsequent levels other than the root level include
    authentication services for MNs and are typically
    confined to a single building.

    At the broadcast domain level, the WDS include
    authentication and registration services for the APs.
    An AP provides Proxy Authentication and registration
    services for the MNs. The APs that connect to parent
    APs through the wireless interface ( as shown by the
    dotted lines ) are Repeater-APs. The WGBs are managed
    in the same manner as the MNs. However, the Ethernet
    Nodes ( EN ) that are connected to the WGB won't be
    served as part of the WDS.

    GLOSSARY

    Access Point ( AP )

    Any entity that contains an 802.11 medium access
    control ( MAC ) and physical layer ( PHY ) interface
    and provides access to the distribution services via
    the wireless medium for associated clients.

    Wireless Bridge

    An 802.11 entity that provides wireless connectivity
    between two wired LAN segments and is used in point-
    to-point or point-multipoint configurations.

    Mobile Node ( MN )

    A roaming 802.11 wireless device in a wireless
    network associated with an access point.


    WorkGroup Bridge ( WGB )

    A work-group bridge is a non-STP AP with an 802.11
    primary port and a secondary Ethernet port that
    provides access to a non-STP secondary Ethernet LAN
    segment. STP refers to the IEEE 802.1D Spanning Tree
    Protocol. An 'STP AP' executes the 802.1D STP and
    the 802.1D STP is operated on an 'STP link'. A
    'non-STP AP' does not execute the 802.1D STP.

    Repeater-AP

    A repeater is a 'wireless AP' that is attached to a
    parent AP on an 802.11 primary port. The Ethernet
    port is disabled in a Repeater-AP.

    Infrastructure Node ( IN )

    This term refers to Access Points, Wireless Bridges
    and those devices that implement and offer WNS and
    WDS as shown in the network hierarchy.

    Ethernet Node ( EN )

    The node that gets the uplink to the Wireless AP
    via the WGB. This node connects to the WGB through
    its primary Ethernet port.

    Context

    The mobility context for an MN includes its current
    mobility bindings with the APs, IP/802 address
    bindings, cached configuration parameters, QoS state,
    IP group membership, authentication state, accounting
    statistics, and other dynamically derived protocol
    state information.

    Wireless Domain Services

    The set of services being offered at a particular
    broadcast domain that may be an IP subnet or a
    particular VLAN. The services include the following.

    1. MN security credential caching to provide seamless,
    secure intra-subnet roaming.

    2. Authenticated context transfer for roaming client
    within the subnet.

    Since, by definition, the WDS are bound to one subnet
    ( broadcast domain ), if implemented in a device
    spanning multiple subnets, the implementation should
    take care to provide separate set of services for
    each of the subnets.

    Wireless Network Services

    The set of services that can be visualized as being
    offered at various levels other than the lowest
    (subnet) level of a hierarchical campus network.

    At the root level, Infrastructure Authentication
    services for all the devices in the network that
    provide WNS and WDS are offered. In case if WNS are
    not distributed at several levels as shown in the
    hierarchy above and is confined to be offered only at
    a single root level, the services offered also
    include authentication services for the MNs.

    WNS Entity

    The logical entity that resides in an infrastructure
    node and offers WNS to the descendants of that
    infrastructure node in the wireless services
    hierarchy.

    WDS Entity

    The logical entity that resides in an infrastructure
    node and offers WDS to the descendants of that
    infrastructure node in the wireless services
    hierarchy.

    WS Entity

    Refers to one of WNS / WDS Entities.

    Parent Node

    The node that immediately precedes an infrastructure
    node in the hierarchy. For mobile nodes, the parent
    APs provide proxy wireless services by talking to
    their immediate parent nodes that offer WDS.

    Root Node

    The infrastructure node that is at the highest level
    in the services hierarchy and that offers WNS.
    The WNS entity acts as the IN Authenticator
    for the rest of the infrastructure nodes. In case if
    WNS are not distributed, the root node also acts as
    the Mobile Node Authenticator ( See description
    below ).

    Descendant

    A node that is in the sub-tree of the campus hierarchy
    tree rooted at the node providing WNS.

    Infrastructure Node ( IN ) Authenticator

    The logical entity that communicates with the AAA
    server and provides authentication Services for the
    infrastructure nodes. Details of the IN
    Authenticator have to be configured in the device
    providing WDS manually. The AP learns about the IN
    Authenticator automatically upon registering with its
    immediate parent. The WDS also includes MN
    authentication services if the entity providing WDS is
    at the root level in the hierarchy.

    Mobile Node ( MN ) Authenticator

    The logical entity that communicates with the AAA
    server and provides authentication Services for mobile
    nodes. An infrastructure node learns the whereabouts
    of the MN Authenticator from the root node.

    Wireless Network Manager ( WNM )

    The network management system that manages the
    entire hierarchy of devices providing WNS and WDS.

    Advertisement

    The process by which the Access Points identify their
    parent nodes providing WDS. APs listen to the
    advertisements of the WDS entities and gets registered
    with one of those entities to facilitate secured
    context transfer.

    WLCCP

    Wireless LAN Context Control Protocol. Used to
    establish and manage the network topology and
    securely manage the 'operational context' for mobile
    stations in a campus network.

    AAA

    Authentication, Authorization, Accounting

    A node will request network access by executing a
    protocol to an authentication server that provides
    protocols and services for providing authentication,
    authorization and session accounting.

    Service Set Identifier ( SSID )

    802.11 Service Set Identifier. An SSID identifies a
    set of mobile nodes grouped into a logical 'service
    set' and the APs that provide access for the service
    set.

    Wired Equivalent Privacy (WEP)

    This protocol uses a pseudo random generator and RC4
    stream cipher and is specified by the 802.11 standard
    as the algorithm for encryption and authentication
    over the wireless segment of the LAN.

    Temporal Key Integrity Protocol ( TKIP )

    This protocol provides initialization vector hashing
    and a Message Integrity Check ( MIC ) to ensure data
    integrity. TKIP includes use of dynamic keys to
    defeat capture of passive keys. TKIP uses the RC4
    cipher as WEP but the difference is that TKIP changes
    temporal keys every 10,000 packets thereby providing a
    dynamic distribution network that enhances the
    security of the network.

    Cisco Key Integrity Protocol ( CKIP )

    A proprietary implementation similar to TKIP. CKIP
    implements key permutation for protecting the CKIP
    key against attacks. Other features of CKIP include
    expansion of encryption key to 16 bytes of length for
    key protection and MIC to ensure data integrity.


    Wireless services at subnet level
    =================================

    +========+
    | |
    | WDS | ( Subnet level - Broadcast
    | | domain )
    +========+
    / \
    / \
    / \
    / \
    / \
    \/ \/
    +~-~-~+ +~-~-~+
    + + + +
    + AP + + AP +
    + + + +
    +~-~-~+ +~-~-~+
    . . .
    . . .
    . . .
    . . .
    . . .
    . . .
    \/ \/ \/
    +......+ +-.-.-.+ +~-~-~-+
    + + + + + +
    + MN + + WGB + + AP +
    + + + + + +
    +......+ +-.-.-.+ +~-~-~-+


    The above diagram depicts how wireless services are
    being offered in an infrastructure node implementing
    WDS. In such a network, the WDS entity provides
    authentication services to both the infrastructure
    and mobile nodes.

    The other entities in the diagram are the Mobile Node
    ( MN ), the Workgroup Bridge (WGB) and another
    AP-in-repeater mode. The Repeater-APs first perform
    initial authentication with the AAA server ( through
    WDS ) and then perform infrastructure authentication
    and registration with the WDS entity. The WGBs go
    through the same procedure as the MNs for
    authentication and registration with the WDS entity.

    Parsed from file CISCO-DOT11-CONTEXT-SERVICES-MIB.my.txt
    Company: None
    Module: CISCO-DOT11-CONTEXT-SERVICES-MIB

    Description by cisco

    This MIB supports managing the devices offering
    WDS and WNS services.

    The hierarchy of the devices offering the wireless
    domain and network services looks like the following.

    += = = = +
    | |
    | WNS | (Campus level)
    | |
    += = = = +
    / \
    / \
    / \
    / \
    \/ \/
    += = =+ += = =+
    | | | |
    | WNS | | WNS |
    | | | |
    += = =+ += = =+
    / \ \
    / \ \
    / \ \
    / \ \
    \/ \/ \/
    +=====+ +=====+ +=====+
    | | | | | |
    | WDS | | WDS | | WDS | ( Subnet
    | | | | | | level-
    +=====+ +=====+ +=====+ Single
    / \ \ \ broadcast
    / \ \ \ domain )
    / \ \ \
    / \ \ \
    / \ \ \
    \/ \/ \/ \/
    +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+
    + + + + + + + +
    + AP + + AP + + AP + + AP +
    + + + + + + + +
    +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+
    .. . . .
    . . . . .
    . . . . .
    . . . . .
    . . . . .
    \/ \/ \/ \/ \/
    +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+
    + + + + + + + + + +
    + MN + + MN + + WGB + + AP + + MN +
    + + + + + + + + + +
    +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+
    . . .
    . . .
    . . .
    . . .
    \/ \/ \/
    ++++++++ +......+ +......+
    + + + + + +
    + EN + + MN + + MN +
    + + + + + +
    ++++++++ +......+ +......+

    The diagram above depicts the overall campus network
    hierarchy and the services being offered at various
    levels in the hierarchy. Here, Infrastructure Node
    Authentication services are offered by the device
    providing WNS at the root (Campus) level. WNS
    at this level thus span an enterprise campus that
    resides in a geographic location.

    WNS are offered at various levels as shown in the
    hierarchy to achieve scalability. WNS at the
    subsequent levels other than the root level include
    authentication services for MNs and are typically
    confined to a single building.

    At the broadcast domain level, the WDS include
    authentication and registration services for the APs.
    An AP provides Proxy Authentication and registration
    services for the MNs. The APs that connect to parent
    APs through the wireless interface ( as shown by the
    dotted lines ) are Repeater-APs. The WGBs are managed
    in the same manner as the MNs. However, the Ethernet
    Nodes ( EN ) that are connected to the WGB won't be
    served as part of the WDS.

    GLOSSARY

    Access Point ( AP )

    Any entity that contains an 802.11 medium access
    control ( MAC ) and physical layer ( PHY ) interface
    and provides access to the distribution services via
    the wireless medium for associated clients.

    Wireless Bridge

    An 802.11 entity that provides wireless connectivity
    between two wired LAN segments and is used in point-
    to-point or point-multipoint configurations.

    Mobile Node ( MN )

    A roaming 802.11 wireless device in a wireless
    network associated with an access point.


    WorkGroup Bridge ( WGB )

    A work-group bridge is a non-STP AP with an 802.11
    primary port and a secondary Ethernet port that
    provides access to a non-STP secondary Ethernet LAN
    segment. STP refers to the IEEE 802.1D Spanning Tree
    Protocol. An 'STP AP' executes the 802.1D STP and
    the 802.1D STP is operated on an 'STP link'. A
    'non-STP AP' does not execute the 802.1D STP.

    Repeater-AP

    A repeater is a 'wireless AP' that is attached to a
    parent AP on an 802.11 primary port. The Ethernet
    port is disabled in a Repeater-AP.

    Infrastructure Node ( IN )

    This term refers to Access Points, Wireless Bridges
    and those devices that implement and offer WNS and
    WDS as shown in the network hierarchy.

    Ethernet Node ( EN )

    The node that gets the uplink to the Wireless AP
    via the WGB. This node connects to the WGB through
    its primary Ethernet port.

    Context

    The mobility context for an MN includes its current
    mobility bindings with the APs, IP/802 address
    bindings, cached configuration parameters, QoS state,
    IP group membership, authentication state, accounting
    statistics, and other dynamically derived protocol
    state information.

    Wireless Domain Services

    The set of services being offered at a particular
    broadcast domain that may be an IP subnet or a
    particular VLAN. The services include the following.

    1. MN security credential caching to provide seamless,
    secure intra-subnet roaming.

    2. Authenticated context transfer for roaming client
    within the subnet.

    Since, by definition, the WDS are bound to one subnet
    ( broadcast domain ), if implemented in a device
    spanning multiple subnets, the implementation should
    take care to provide separate set of services for
    each of the subnets.

    Wireless Network Services

    The set of services that can be visualized as being
    offered at various levels other than the lowest
    (subnet) level of a hierarchical campus network.

    At the root level, Infrastructure Authentication
    services for all the devices in the network that
    provide WNS and WDS are offered. In case if WNS are
    not distributed at several levels as shown in the
    hierarchy above and is confined to be offered only at
    a single root level, the services offered also
    include authentication services for the MNs.

    WNS Entity

    The logical entity that resides in an infrastructure
    node and offers WNS to the descendants of that
    infrastructure node in the wireless services
    hierarchy.

    WDS Entity

    The logical entity that resides in an infrastructure
    node and offers WDS to the descendants of that
    infrastructure node in the wireless services
    hierarchy.

    WS Entity

    Refers to one of WNS / WDS Entities.

    Parent Node

    The node that immediately precedes an infrastructure
    node in the hierarchy. For mobile nodes, the parent
    APs provide proxy wireless services by talking to
    their immediate parent nodes that offer WDS.

    Root Node

    The infrastructure node that is at the highest level
    in the services hierarchy and that offers WNS.
    The WNS entity acts as the IN Authenticator
    for the rest of the infrastructure nodes. In case if
    WNS are not distributed, the root node also acts as
    the Mobile Node Authenticator ( See description
    below ).

    Descendant

    A node that is in the sub-tree of the campus hierarchy
    tree rooted at the node providing WNS.

    Infrastructure Node ( IN ) Authenticator

    The logical entity that communicates with the AAA
    server and provides authentication Services for the
    infrastructure nodes. Details of the IN
    Authenticator have to be configured in the device
    providing WDS manually. The AP learns about the IN
    Authenticator automatically upon registering with its
    immediate parent. The WDS also includes MN
    authentication services if the entity providing WDS is
    at the root level in the hierarchy.

    Mobile Node ( MN ) Authenticator

    The logical entity that communicates with the AAA
    server and provides authentication Services for mobile
    nodes. An infrastructure node learns the whereabouts
    of the MN Authenticator from the root node.

    Wireless Network Manager ( WNM )

    The network management system that manages the
    entire hierarchy of devices providing WNS and WDS.

    Advertisement

    The process by which the Access Points identify their
    parent nodes providing WDS. APs listen to the
    advertisements of the WDS entities and gets registered
    with one of those entities to facilitate secured
    context transfer.

    WLCCP

    Wireless LAN Context Control Protocol. Used to
    establish and manage the network topology and
    securely manage the 'operational context' for mobile
    stations in a campus network.

    AAA

    Authentication, Authorization, Accounting

    A node will request network access by executing a
    protocol to an authentication server that provides
    protocols and services for providing authentication,
    authorization and session accounting.

    Service Set Identifier ( SSID )

    802.11 Service Set Identifier. An SSID identifies a
    set of mobile nodes grouped into a logical 'service
    set' and the APs that provide access for the service
    set.

    Wired Equivalent Privacy (WEP)

    This protocol uses a pseudo random generator and RC4
    stream cipher and is specified by the 802.11 standard
    as the algorithm for encryption and authentication
    over the wireless segment of the LAN.

    Temporal Key Integrity Protocol ( TKIP )

    This protocol provides initialization vector hashing
    and a Message Integrity Check ( MIC ) to ensure data
    integrity. TKIP includes use of dynamic keys to
    defeat capture of passive keys. TKIP uses the RC4
    cipher as WEP but the difference is that TKIP changes
    temporal keys every 10,000 packets thereby providing a
    dynamic distribution network that enhances the
    security of the network.

    Cisco Key Integrity Protocol ( CKIP )

    A proprietary implementation similar to TKIP. CKIP
    implements key permutation for protecting the CKIP
    key against attacks. Other features of CKIP include
    expansion of encryption key to 16 bytes of length for
    key protection and MIC to ensure data integrity.


    Wireless services at subnet level
    =================================

    +========+
    | |
    | WDS | ( Subnet level - Broadcast
    | | domain )
    +========+
    / \
    / \
    / \
    / \
    / \
    \/ \/
    +~-~-~+ +~-~-~+
    + + + +
    + AP + + AP +
    + + + +
    +~-~-~+ +~-~-~+
    . . .
    . . .
    . . .
    . . .
    . . .
    . . .
    \/ \/ \/
    +......+ +-.-.-.+ +~-~-~-+
    + + + + + +
    + MN + + WGB + + AP +
    + + + + + +
    +......+ +-.-.-.+ +~-~-~-+


    The above diagram depicts how wireless services are
    being offered in an infrastructure node implementing
    WDS. In such a network, the WDS entity provides
    authentication services to both the infrastructure
    and mobile nodes.

    The other entities in the diagram are the Mobile Node
    ( MN ), the Workgroup Bridge (WGB) and another
    AP-in-repeater mode. The Repeater-APs first perform
    initial authentication with the AAA server ( through
    WDS ) and then perform infrastructure authentication
    and registration with the WDS entity. The WGBs go
    through the same procedure as the MNs for
    authentication and registration with the WDS entity.

    Information by circitor

    ciscoDot11ContextServicesMIB MODULE-IDENTITY LAST-UPDATED "200309150000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO " Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS E-mail: [email protected]" DESCRIPTION "This MIB supports managing the devices offering WDS and WNS services. The hierarchy of the devices offering the wireless domain and network services looks like the following. += = = = + | | | WNS | (Campus level) | | += = = = + / \ / \ / \ / \ \/ \/ += = =+ += = =+ | | | | | WNS | | WNS | | | | | += = =+ += = =+ / \ \ / \ \ / \ \ / \ \ \/ \/ \/ +=====+ +=====+ +=====+ | | | | | | | WDS | | WDS | | WDS | ( Subnet | | | | | | level- +=====+ +=====+ +=====+ Single / \ \ \ broadcast / \ \ \ domain ) / \ \ \ / \ \ \ / \ \ \ \/ \/ \/ \/ +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+ .. . . . . . . . . . . . . . . . . . . . . . . . \/ \/ \/ \/ \/ +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+ + + + + + + + + + + + MN + + MN + + WGB + + AP + + MN + + + + + + + + + + + +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+ . . . . . . . . . . . . \/ \/ \/ ++++++++ +......+ +......+ + + + + + + + EN + + MN + + MN + + + + + + + ++++++++ +......+ +......+ The diagram above depicts the overall campus network hierarchy and the services being offered at various levels in the hierarchy. Here, Infrastructure Node Authentication services are offered by the device providing WNS at the root (Campus) level. WNS at this level thus span an enterprise campus that resides in a geographic location. WNS are offered at various levels as shown in the hierarchy to achieve scalability. WNS at the subsequent levels other than the root level include authentication services for MNs and are typically confined to a single building. At the broadcast domain level, the WDS include authentication and registration services for the APs. An AP provides Proxy Authentication and registration services for the MNs. The APs that connect to parent APs through the wireless interface ( as shown by the dotted lines ) are Repeater-APs. The WGBs are managed in the same manner as the MNs. However, the Ethernet Nodes ( EN ) that are connected to the WGB won't be served as part of the WDS. GLOSSARY Access Point ( AP ) Any entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. Wireless Bridge An 802.11 entity that provides wireless connectivity between two wired LAN segments and is used in point- to-point or point-multipoint configurations. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. WorkGroup Bridge ( WGB ) A work-group bridge is a non-STP AP with an 802.11 primary port and a secondary Ethernet port that provides access to a non-STP secondary Ethernet LAN segment. STP refers to the IEEE 802.1D Spanning Tree Protocol. An 'STP AP' executes the 802.1D STP and the 802.1D STP is operated on an 'STP link'. A 'non-STP AP' does not execute the 802.1D STP. Repeater-AP A repeater is a 'wireless AP' that is attached to a parent AP on an 802.11 primary port. The Ethernet port is disabled in a Repeater-AP. Infrastructure Node ( IN ) This term refers to Access Points, Wireless Bridges and those devices that implement and offer WNS and WDS as shown in the network hierarchy. Ethernet Node ( EN ) The node that gets the uplink to the Wireless AP via the WGB. This node connects to the WGB through its primary Ethernet port. Context The mobility context for an MN includes its current mobility bindings with the APs, IP/802 address bindings, cached configuration parameters, QoS state, IP group membership, authentication state, accounting statistics, and other dynamically derived protocol state information. Wireless Domain Services The set of services being offered at a particular broadcast domain that may be an IP subnet or a particular VLAN. The services include the following. 1. MN security credential caching to provide seamless, secure intra-subnet roaming. 2. Authenticated context transfer for roaming client within the subnet. Since, by definition, the WDS are bound to one subnet ( broadcast domain ), if implemented in a device spanning multiple subnets, the implementation should take care to provide separate set of services for each of the subnets. Wireless Network Services The set of services that can be visualized as being offered at various levels other than the lowest (subnet) level of a hierarchical campus network. At the root level, Infrastructure Authentication services for all the devices in the network that provide WNS and WDS are offered. In case if WNS are not distributed at several levels as shown in the hierarchy above and is confined to be offered only at a single root level, the services offered also include authentication services for the MNs. WNS Entity The logical entity that resides in an infrastructure node and offers WNS to the descendants of that infrastructure node in the wireless services hierarchy. WDS Entity The logical entity that resides in an infrastructure node and offers WDS to the descendants of that infrastructure node in the wireless services hierarchy. WS Entity Refers to one of WNS / WDS Entities. Parent Node The node that immediately precedes an infrastructure node in the hierarchy. For mobile nodes, the parent APs provide proxy wireless services by talking to their immediate parent nodes that offer WDS. Root Node The infrastructure node that is at the highest level in the services hierarchy and that offers WNS. The WNS entity acts as the IN Authenticator for the rest of the infrastructure nodes. In case if WNS are not distributed, the root node also acts as the Mobile Node Authenticator ( See description below ). Descendant A node that is in the sub-tree of the campus hierarchy tree rooted at the node providing WNS. Infrastructure Node ( IN ) Authenticator The logical entity that communicates with the AAA server and provides authentication Services for the infrastructure nodes. Details of the IN Authenticator have to be configured in the device providing WDS manually. The AP learns about the IN Authenticator automatically upon registering with its immediate parent. The WDS also includes MN authentication services if the entity providing WDS is at the root level in the hierarchy. Mobile Node ( MN ) Authenticator The logical entity that communicates with the AAA server and provides authentication Services for mobile nodes. An infrastructure node learns the whereabouts of the MN Authenticator from the root node. Wireless Network Manager ( WNM ) The network management system that manages the entire hierarchy of devices providing WNS and WDS. Advertisement The process by which the Access Points identify their parent nodes providing WDS. APs listen to the advertisements of the WDS entities and gets registered with one of those entities to facilitate secured context transfer. WLCCP Wireless LAN Context Control Protocol. Used to establish and manage the network topology and securely manage the 'operational context' for mobile stations in a campus network. AAA Authentication, Authorization, Accounting A node will request network access by executing a protocol to an authentication server that provides protocols and services for providing authentication, authorization and session accounting. Service Set Identifier ( SSID ) 802.11 Service Set Identifier. An SSID identifies a set of mobile nodes grouped into a logical 'service set' and the APs that provide access for the service set. Wired Equivalent Privacy (WEP) This protocol uses a pseudo random generator and RC4 stream cipher and is specified by the 802.11 standard as the algorithm for encryption and authentication over the wireless segment of the LAN. Temporal Key Integrity Protocol ( TKIP ) This protocol provides initialization vector hashing and a Message Integrity Check ( MIC ) to ensure data integrity. TKIP includes use of dynamic keys to defeat capture of passive keys. TKIP uses the RC4 cipher as WEP but the difference is that TKIP changes temporal keys every 10,000 packets thereby providing a dynamic distribution network that enhances the security of the network. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Wireless services at subnet level ================================= +========+ | | | WDS | ( Subnet level - Broadcast | | domain ) +========+ / \ / \ / \ / \ / \ \/ \/ +~-~-~+ +~-~-~+ + + + + + AP + + AP + + + + + +~-~-~+ +~-~-~+ . . . . . . . . . . . . . . . . . . \/ \/ \/ +......+ +-.-.-.+ +~-~-~-+ + + + + + + + MN + + WGB + + AP + + + + + + + +......+ +-.-.-.+ +~-~-~-+ The above diagram depicts how wireless services are being offered in an infrastructure node implementing WDS. In such a network, the WDS entity provides authentication services to both the infrastructure and mobile nodes. The other entities in the diagram are the Mobile Node ( MN ), the Workgroup Bridge (WGB) and another AP-in-repeater mode. The Repeater-APs first perform initial authentication with the AAA server ( through WDS ) and then perform infrastructure authentication and registration with the WDS entity. The WGBs go through the same procedure as the MNs for authentication and registration with the WDS entity. " REVISION "200309150000Z" DESCRIPTION "Initial version of this MIB module. " ::= { ciscoExperiment 110 }

    Information by cisco_v1

    ciscoDot11ContextServicesMIB OBJECT IDENTIFIER ::= { ciscoExperiment 110 }

    Information by oid_info

    Vendor: Cisco
    Module: CISCO-DOT11-CONTEXT-SERVICES-MIB

    [Automatically extracted from oidview.com]

    Information by mibdepot

    ciscoDot11ContextServicesMIB MODULE-IDENTITY LAST-UPDATED "200309150000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO " Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS E-mail: [email protected]" DESCRIPTION "This MIB supports managing the devices offering WDS and WNS services. The hierarchy of the devices offering the wireless domain and network services looks like the following. += = = = + | | | WNS | (Campus level) | | += = = = + / \ / \ / \ / \ \/ \/ += = =+ += = =+ | | | | | WNS | | WNS | | | | | += = =+ += = =+ / \ \ / \ \ / \ \ / \ \ \/ \/ \/ +=====+ +=====+ +=====+ | | | | | | | WDS | | WDS | | WDS | ( Subnet | | | | | | level- +=====+ +=====+ +=====+ Single / \ \ \ broadcast / \ \ \ domain ) / \ \ \ / \ \ \ / \ \ \ \/ \/ \/ \/ +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+ .. . . . . . . . . . . . . . . . . . . . . . . . \/ \/ \/ \/ \/ +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+ + + + + + + + + + + + MN + + MN + + WGB + + AP + + MN + + + + + + + + + + + +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+ . . . . . . . . . . . . \/ \/ \/ ++++++++ +......+ +......+ + + + + + + + EN + + MN + + MN + + + + + + + ++++++++ +......+ +......+ The diagram above depicts the overall campus network hierarchy and the services being offered at various levels in the hierarchy. Here, Infrastructure Node Authentication services are offered by the device providing WNS at the root (Campus) level. WNS at this level thus span an enterprise campus that resides in a geographic location. WNS are offered at various levels as shown in the hierarchy to achieve scalability. WNS at the subsequent levels other than the root level include authentication services for MNs and are typically confined to a single building. At the broadcast domain level, the WDS include authentication and registration services for the APs. An AP provides Proxy Authentication and registration services for the MNs. The APs that connect to parent APs through the wireless interface ( as shown by the dotted lines ) are Repeater-APs. The WGBs are managed in the same manner as the MNs. However, the Ethernet Nodes ( EN ) that are connected to the WGB won't be served as part of the WDS. GLOSSARY Access Point ( AP ) Any entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. Wireless Bridge An 802.11 entity that provides wireless connectivity between two wired LAN segments and is used in point- to-point or point-multipoint configurations. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. WorkGroup Bridge ( WGB ) A work-group bridge is a non-STP AP with an 802.11 primary port and a secondary Ethernet port that provides access to a non-STP secondary Ethernet LAN segment. STP refers to the IEEE 802.1D Spanning Tree Protocol. An 'STP AP' executes the 802.1D STP and the 802.1D STP is operated on an 'STP link'. A 'non-STP AP' does not execute the 802.1D STP. Repeater-AP A repeater is a 'wireless AP' that is attached to a parent AP on an 802.11 primary port. The Ethernet port is disabled in a Repeater-AP. Infrastructure Node ( IN ) This term refers to Access Points, Wireless Bridges and those devices that implement and offer WNS and WDS as shown in the network hierarchy. Ethernet Node ( EN ) The node that gets the uplink to the Wireless AP via the WGB. This node connects to the WGB through its primary Ethernet port. Context The mobility context for an MN includes its current mobility bindings with the APs, IP/802 address bindings, cached configuration parameters, QoS state, IP group membership, authentication state, accounting statistics, and other dynamically derived protocol state information. Wireless Domain Services The set of services being offered at a particular broadcast domain that may be an IP subnet or a particular VLAN. The services include the following. 1. MN security credential caching to provide seamless, secure intra-subnet roaming. 2. Authenticated context transfer for roaming client within the subnet. Since, by definition, the WDS are bound to one subnet ( broadcast domain ), if implemented in a device spanning multiple subnets, the implementation should take care to provide separate set of services for each of the subnets. Wireless Network Services The set of services that can be visualized as being offered at various levels other than the lowest (subnet) level of a hierarchical campus network. At the root level, Infrastructure Authentication services for all the devices in the network that provide WNS and WDS are offered. In case if WNS are not distributed at several levels as shown in the hierarchy above and is confined to be offered only at a single root level, the services offered also include authentication services for the MNs. WNS Entity The logical entity that resides in an infrastructure node and offers WNS to the descendants of that infrastructure node in the wireless services hierarchy. WDS Entity The logical entity that resides in an infrastructure node and offers WDS to the descendants of that infrastructure node in the wireless services hierarchy. WS Entity Refers to one of WNS / WDS Entities. Parent Node The node that immediately precedes an infrastructure node in the hierarchy. For mobile nodes, the parent APs provide proxy wireless services by talking to their immediate parent nodes that offer WDS. Root Node The infrastructure node that is at the highest level in the services hierarchy and that offers WNS. The WNS entity acts as the IN Authenticator for the rest of the infrastructure nodes. In case if WNS are not distributed, the root node also acts as the Mobile Node Authenticator ( See description below ). Descendant A node that is in the sub-tree of the campus hierarchy tree rooted at the node providing WNS. Infrastructure Node ( IN ) Authenticator The logical entity that communicates with the AAA server and provides authentication Services for the infrastructure nodes. Details of the IN Authenticator have to be configured in the device providing WDS manually. The AP learns about the IN Authenticator automatically upon registering with its immediate parent. The WDS also includes MN authentication services if the entity providing WDS is at the root level in the hierarchy. Mobile Node ( MN ) Authenticator The logical entity that communicates with the AAA server and provides authentication Services for mobile nodes. An infrastructure node learns the whereabouts of the MN Authenticator from the root node. Wireless Network Manager ( WNM ) The network management system that manages the entire hierarchy of devices providing WNS and WDS. Advertisement The process by which the Access Points identify their parent nodes providing WDS. APs listen to the advertisements of the WDS entities and gets registered with one of those entities to facilitate secured context transfer. WLCCP Wireless LAN Context Control Protocol. Used to establish and manage the network topology and securely manage the 'operational context' for mobile stations in a campus network. AAA Authentication, Authorization, Accounting A node will request network access by executing a protocol to an authentication server that provides protocols and services for providing authentication, authorization and session accounting. Service Set Identifier ( SSID ) 802.11 Service Set Identifier. An SSID identifies a set of mobile nodes grouped into a logical 'service set' and the APs that provide access for the service set. Wired Equivalent Privacy (WEP) This protocol uses a pseudo random generator and RC4 stream cipher and is specified by the 802.11 standard as the algorithm for encryption and authentication over the wireless segment of the LAN. Temporal Key Integrity Protocol ( TKIP ) This protocol provides initialization vector hashing and a Message Integrity Check ( MIC ) to ensure data integrity. TKIP includes use of dynamic keys to defeat capture of passive keys. TKIP uses the RC4 cipher as WEP but the difference is that TKIP changes temporal keys every 10,000 packets thereby providing a dynamic distribution network that enhances the security of the network. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Wireless services at subnet level ================================= +========+ | | | WDS | ( Subnet level - Broadcast | | domain ) +========+ / \ / \ / \ / \ / \ \/ \/ +~-~-~+ +~-~-~+ + + + + + AP + + AP + + + + + +~-~-~+ +~-~-~+ . . . . . . . . . . . . . . . . . . \/ \/ \/ +......+ +-.-.-.+ +~-~-~-+ + + + + + + + MN + + WGB + + AP + + + + + + + +......+ +-.-.-.+ +~-~-~-+ The above diagram depicts how wireless services are being offered in an infrastructure node implementing WDS. In such a network, the WDS entity provides authentication services to both the infrastructure and mobile nodes. The other entities in the diagram are the Mobile Node ( MN ), the Workgroup Bridge (WGB) and another AP-in-repeater mode. The Repeater-APs first perform initial authentication with the AAA server ( through WDS ) and then perform infrastructure authentication and registration with the WDS entity. The WGBs go through the same procedure as the MNs for authentication and registration with the WDS entity. " REVISION "200309150000Z" DESCRIPTION "Initial version of this MIB module. " ::= { ciscoExperiment 110 }

    Information by cisco

    ciscoDot11ContextServicesMIB MODULE-IDENTITY LAST-UPDATED "200309150000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO " Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS E-mail: [email protected]" DESCRIPTION "This MIB supports managing the devices offering WDS and WNS services. The hierarchy of the devices offering the wireless domain and network services looks like the following. += = = = + | | | WNS | (Campus level) | | += = = = + / \ / \ / \ / \ \/ \/ += = =+ += = =+ | | | | | WNS | | WNS | | | | | += = =+ += = =+ / \ \ / \ \ / \ \ / \ \ \/ \/ \/ +=====+ +=====+ +=====+ | | | | | | | WDS | | WDS | | WDS | ( Subnet | | | | | | level- +=====+ +=====+ +=====+ Single / \ \ \ broadcast / \ \ \ domain ) / \ \ \ / \ \ \ / \ \ \ \/ \/ \/ \/ +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +~-~-~+ +~-~-~+ +~-~-~+ +~-~-~+ .. . . . . . . . . . . . . . . . . . . . . . . . \/ \/ \/ \/ \/ +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+ + + + + + + + + + + + MN + + MN + + WGB + + AP + + MN + + + + + + + + + + + +.....+ +.....+ +-.-.-.+ +~-~-~+ +......+ . . . . . . . . . . . . \/ \/ \/ ++++++++ +......+ +......+ + + + + + + + EN + + MN + + MN + + + + + + + ++++++++ +......+ +......+ The diagram above depicts the overall campus network hierarchy and the services being offered at various levels in the hierarchy. Here, Infrastructure Node Authentication services are offered by the device providing WNS at the root (Campus) level. WNS at this level thus span an enterprise campus that resides in a geographic location. WNS are offered at various levels as shown in the hierarchy to achieve scalability. WNS at the subsequent levels other than the root level include authentication services for MNs and are typically confined to a single building. At the broadcast domain level, the WDS include authentication and registration services for the APs. An AP provides Proxy Authentication and registration services for the MNs. The APs that connect to parent APs through the wireless interface ( as shown by the dotted lines ) are Repeater-APs. The WGBs are managed in the same manner as the MNs. However, the Ethernet Nodes ( EN ) that are connected to the WGB won't be served as part of the WDS. GLOSSARY Access Point ( AP ) Any entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. Wireless Bridge An 802.11 entity that provides wireless connectivity between two wired LAN segments and is used in point- to-point or point-multipoint configurations. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. WorkGroup Bridge ( WGB ) A work-group bridge is a non-STP AP with an 802.11 primary port and a secondary Ethernet port that provides access to a non-STP secondary Ethernet LAN segment. STP refers to the IEEE 802.1D Spanning Tree Protocol. An 'STP AP' executes the 802.1D STP and the 802.1D STP is operated on an 'STP link'. A 'non-STP AP' does not execute the 802.1D STP. Repeater-AP A repeater is a 'wireless AP' that is attached to a parent AP on an 802.11 primary port. The Ethernet port is disabled in a Repeater-AP. Infrastructure Node ( IN ) This term refers to Access Points, Wireless Bridges and those devices that implement and offer WNS and WDS as shown in the network hierarchy. Ethernet Node ( EN ) The node that gets the uplink to the Wireless AP via the WGB. This node connects to the WGB through its primary Ethernet port. Context The mobility context for an MN includes its current mobility bindings with the APs, IP/802 address bindings, cached configuration parameters, QoS state, IP group membership, authentication state, accounting statistics, and other dynamically derived protocol state information. Wireless Domain Services The set of services being offered at a particular broadcast domain that may be an IP subnet or a particular VLAN. The services include the following. 1. MN security credential caching to provide seamless, secure intra-subnet roaming. 2. Authenticated context transfer for roaming client within the subnet. Since, by definition, the WDS are bound to one subnet ( broadcast domain ), if implemented in a device spanning multiple subnets, the implementation should take care to provide separate set of services for each of the subnets. Wireless Network Services The set of services that can be visualized as being offered at various levels other than the lowest (subnet) level of a hierarchical campus network. At the root level, Infrastructure Authentication services for all the devices in the network that provide WNS and WDS are offered. In case if WNS are not distributed at several levels as shown in the hierarchy above and is confined to be offered only at a single root level, the services offered also include authentication services for the MNs. WNS Entity The logical entity that resides in an infrastructure node and offers WNS to the descendants of that infrastructure node in the wireless services hierarchy. WDS Entity The logical entity that resides in an infrastructure node and offers WDS to the descendants of that infrastructure node in the wireless services hierarchy. WS Entity Refers to one of WNS / WDS Entities. Parent Node The node that immediately precedes an infrastructure node in the hierarchy. For mobile nodes, the parent APs provide proxy wireless services by talking to their immediate parent nodes that offer WDS. Root Node The infrastructure node that is at the highest level in the services hierarchy and that offers WNS. The WNS entity acts as the IN Authenticator for the rest of the infrastructure nodes. In case if WNS are not distributed, the root node also acts as the Mobile Node Authenticator ( See description below ). Descendant A node that is in the sub-tree of the campus hierarchy tree rooted at the node providing WNS. Infrastructure Node ( IN ) Authenticator The logical entity that communicates with the AAA server and provides authentication Services for the infrastructure nodes. Details of the IN Authenticator have to be configured in the device providing WDS manually. The AP learns about the IN Authenticator automatically upon registering with its immediate parent. The WDS also includes MN authentication services if the entity providing WDS is at the root level in the hierarchy. Mobile Node ( MN ) Authenticator The logical entity that communicates with the AAA server and provides authentication Services for mobile nodes. An infrastructure node learns the whereabouts of the MN Authenticator from the root node. Wireless Network Manager ( WNM ) The network management system that manages the entire hierarchy of devices providing WNS and WDS. Advertisement The process by which the Access Points identify their parent nodes providing WDS. APs listen to the advertisements of the WDS entities and gets registered with one of those entities to facilitate secured context transfer. WLCCP Wireless LAN Context Control Protocol. Used to establish and manage the network topology and securely manage the 'operational context' for mobile stations in a campus network. AAA Authentication, Authorization, Accounting A node will request network access by executing a protocol to an authentication server that provides protocols and services for providing authentication, authorization and session accounting. Service Set Identifier ( SSID ) 802.11 Service Set Identifier. An SSID identifies a set of mobile nodes grouped into a logical 'service set' and the APs that provide access for the service set. Wired Equivalent Privacy (WEP) This protocol uses a pseudo random generator and RC4 stream cipher and is specified by the 802.11 standard as the algorithm for encryption and authentication over the wireless segment of the LAN. Temporal Key Integrity Protocol ( TKIP ) This protocol provides initialization vector hashing and a Message Integrity Check ( MIC ) to ensure data integrity. TKIP includes use of dynamic keys to defeat capture of passive keys. TKIP uses the RC4 cipher as WEP but the difference is that TKIP changes temporal keys every 10,000 packets thereby providing a dynamic distribution network that enhances the security of the network. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Wireless services at subnet level ================================= +========+ | | | WDS | ( Subnet level - Broadcast | | domain ) +========+ / \ / \ / \ / \ / \ \/ \/ +~-~-~+ +~-~-~+ + + + + + AP + + AP + + + + + +~-~-~+ +~-~-~+ . . . . . . . . . . . . . . . . . . \/ \/ \/ +......+ +-.-.-.+ +~-~-~-+ + + + + + + + MN + + WGB + + AP + + + + + + + +......+ +-.-.-.+ +~-~-~-+ The above diagram depicts how wireless services are being offered in an infrastructure node implementing WDS. In such a network, the WDS entity provides authentication services to both the infrastructure and mobile nodes. The other entities in the diagram are the Mobile Node ( MN ), the Workgroup Bridge (WGB) and another AP-in-repeater mode. The Repeater-APs first perform initial authentication with the AAA server ( through WDS ) and then perform infrastructure authentication and registration with the WDS entity. The WGBs go through the same procedure as the MNs for authentication and registration with the WDS entity. " REVISION "200309150000Z" DESCRIPTION "Initial version of this MIB module. " ::= { ciscoExperiment 110 }

    First Registration Authority (recovered by parent 1.3.6.1.4.1.9)

    Greg Satz

    Current Registration Authority (recovered by parent 1.3.6.1.4.1.9)

    Cisco Systems, Inc.

    Children (3)

    OIDNameSub childrenSub Nodes TotalDescription
    1.3.6.1.4.1.9.10.110.0 ciscoDot11csMIBNotifications 3 3 None
    1.3.6.1.4.1.9.10.110.1 ciscoDot11csMIBObjects 3 90 None
    1.3.6.1.4.1.9.10.110.2 ciscoDot11csMIBConformance 2 7 None

    Brothers (115)

    To many brothers! Only 100 nearest brothers are shown.

    OIDNameSub childrenSub Nodes TotalDescription
    ...
    1.3.6.1.4.1.9.10.60 ciscosrpMIB 6 198 The MIB module to describe objects for Spatial Reuse
    Protocol (SRP) interface layer.
    1.3.6.1.4.1.9.10.62 ciscoIPsecMIB 3 110 The MIB module for modeling Cisco-specific
    IPsec attributes

    Overview of Cisco IPsec MIB

    MIB description

    This MIB models the Cisco…
    1.3.6.1.4.1.9.10.65 mplsLdpMIB 3 240 This MIB contains managed object definitions for the
    Multiprotocol Label Switching, Label Distribution
    Protocol, LDP, as defined …
    1.3.6.1.4.1.9.10.66 ciscoOpticalIfExtnMIB 2 43 A MIB module containing extensions to the IF-MIB for optical
    interfaces.
    1.3.6.1.4.1.9.10.67 ciscoOpticalPatchMIB 3 38 This MIB module is used to configure and monitor the network
    element view of optical patches between two ports or
    fibers on the s…
    1.3.6.1.4.1.9.10.68 ciscoOpticalIfCrossConnectMIB 2 33 This MIB module is used to create and monitor cross-connects
    (horizontal relationships) between peer interfaces on the same
    netwo…
    1.3.6.1.4.1.9.10.69 ciscoMetroPhyMIB 2 63 This MIB module defines the managed objects for physical
    layer related interface configurations and objects
    for the protocol spec…
    1.3.6.1.4.1.9.10.71 cApsMIB 3 74 This management information module supports the
    configuration and management of SONET linear APS groups.
    The definitions and desc…
    1.3.6.1.4.1.9.10.72 cApsExtMIB 2 53 The Cisco APS Extension MIB extends the Cisco APS MIB
    in order to a) support path APS architectures and
    b) support interfaces oth…
    1.3.6.1.4.1.9.10.73 ciscoSpMIB 3 453 The MIB for managing the SS7 Signalling Point (SP)
    implemented in the Cisco IOS SS7 offload product. The
    relevant ITU documents …
    1.3.6.1.4.1.9.10.74 ceSctpMIB 2 135 The MIB module for managing SCTP implementation.
    1.3.6.1.4.1.9.10.75 cSctpMIB 2 108 The MIB module for managing SCTP protocol (RFC 2960).
    1.3.6.1.4.1.9.10.76 cSctpExtMIB 3 64 An extension to the CISCO-IETF-SCTP-MIB.my used to
    provide additional information to manage the Stream
    Control Transmission Prot…
    1.3.6.1.4.1.9.10.77 ciscoIetfNatMIB 3 130 This MIB module defines the generic managed objects
    for NAT.
    1.3.6.1.4.1.9.10.83 ciscoOpticalMonitoringMIB 3 19 This MIB module is used to monitor optical parameters
    of a network element.This MIB deals with the operating
    parameters of the op…
    1.3.6.1.4.1.9.10.84 ciscoRpmsMIB 3 66 This MIB contains objects pertinent to a Resource
    Policy Management System (RPMS) server.

    RPMS is a key component of Cisco Any S…
    1.3.6.1.4.1.9.10.85 ciscoIetfIpForward 8 71 The MIB module for the management of CIDR multipath IP
    Routes.
    1.3.6.1.4.1.9.10.86 ciscoIetfIpMIB 2 87 The MIB module for managing IP and ICMP implementations,
    but excluding the management of IP routes.
    1.3.6.1.4.1.9.10.87 ciscoIetfVdslMIB 1 91 The MIB module defining objects for the management of a pair of
    VDSL modems at each end of the VDSL line. Each VDSL line has
    an …
    1.3.6.1.4.1.9.10.88 ciscoCdlMIB 3 58 This MIB module defines objects to manage Converged Data Link
    (CDL).

    CDL provides OAM&P (Operation, Administration, Maintenance a…
    1.3.6.1.4.1.9.10.89 ciscoIetfDot11QosMIB 2 43 This MIB module provides network management
    support for QoS on wireless LAN devices. All
    objects defined in this MIB are listed (…
    1.3.6.1.4.1.9.10.90 ciscoIetfDot11QosExtMIB 3 29 This MIB module provides network management
    support for QoS on IEEE 802.11 wireless LAN
    devices. This MIB is an extension to QoS …
    1.3.6.1.4.1.9.10.91 cEventMgrMIB 3 51 None
    1.3.6.1.4.1.9.10.93 ciscoHcAlarmMIB 3 37 This module defines Remote Monitoring MIB extensions for
    High Capacity Alarms.
    1.3.6.1.4.1.9.10.94 ciscoIscsiModule 3 207 The iSCSI Protocol MIB module.
    1.3.6.1.4.1.9.10.95 ciscoScsiMIB 3 169 The Cisco version of the SCSI MIB
    draft draft-ietf-ips-scsi-mib-03.txt from
    the IETF.
    1.3.6.1.4.1.9.10.96 ciscoFcipMgmtMIB 2 78 The Fibre Channel Over TCP/IP management MIB module.
    This mib module is the Cisco version of the FCIP MIB draft
    , draft-ietf-ips-…
    1.3.6.1.4.1.9.10.97 ciscoAtmPvcTrapExtnMIB 3 201 This MIB Module is a supplement to the
    CISCO-IETF-ATM2-PVCTRAP-MIB.
    1.3.6.1.4.1.9.10.98 cmplsFrrMIB 4 81 This MIB module contains managed object definitions for MPLS
    Fast Reroute (FRR) as defined in:Pan, P., Gan, D., Swallow, G.,
    Vass…
    1.3.6.1.4.1.9.10.99 cospf 11 105 An extension to the MIB module defined in
    RFC 1850 for managing OSPF implimentation.
    Most of the MIB definitions are based on
    the …
    1.3.6.1.4.1.9.10.101 ciscoOspfTrapMIB 3 33 ciscoOspftrapMIB
    1.3.6.1.4.1.9.10.102 ciscoIetfDhcpSrvMIB 3 148 The MIB module for entities implementing the server side of
    the Bootstrap Protocol (BOOTP) and the Dynamic Host
    Configuration pro…
    1.3.6.1.4.1.9.10.104 ciscoMegacoExtMIB 3 240 The MIB module is an extension of CISCO-IETF-MEGACO-MIB.
    It defines the attributes of ITU H.248 protocol.
    1.3.6.1.4.1.9.10.105 ciscoDot11RadioDiagMIB 3 18 This MIB is intended to be implemented on all
    802.11 based Access Points and Wireless Bridges
    that need to participate in radio e…
    1.3.6.1.4.1.9.10.106 cpwVcMIB 3 90 This MIB contains managed object definitions for Pseudo
    Wire operation as in: Pate, P., et al, framework>, Xiao, X., et al, requ…
    1.3.6.1.4.1.9.10.107 cpwVcMplsMIB 3 61 This MIB complements the CISCO-IETF-PW-MIB for PW operation
    over MPLS.
    1.3.6.1.4.1.9.10.108 cpwVcEnetMIB 3 27 This MIB describes a model for managing Ethernet
    point-to-point pseudo wire services over a Packet
    Switched Network (PSN).
    1.3.6.1.4.1.9.10.109 ciscoDot11CscMIB 2 23 This MIB is intended to be implemented on all 802.11
    Access Points and Wireless Bridges that need to
    participate in the context m…
    1.3.6.1.4.1.9.10.112 cpwVcFrMIB 3 28 Cisco Pseudo Wire Frame Relay MIB

    This MIB describes network management objects defined
    for FRoPW services over a Packet Switche…
    1.3.6.1.4.1.9.10.113 ciscoMvpnMIB 3 88 This MIB contains managed object definitions for
    Cisco implementation of multicast in VPNs defined
    by the Internet draft: draft-r…
    1.3.6.1.4.1.9.10.116 ciscoIetfIsnsMgmtMIB 2 259 The Cisco version of the ISNS Management MIB draft
    draft-ietf-ips-isns-mib-06.txt from the IETF.
    1.3.6.1.4.1.9.10.117 ciscoIetfIpMRouteMIB 2 85 Address family independent MIB module for management
    IP Multicast routing, but independent of the specific
    multicast routing prot…
    1.3.6.1.4.1.9.10.118 ciscoIetfIsisMIB 3 281 This document describes a management information base for
    the IS-IS Routing protocol, as described in ISO 10589,
    when it is used …
    1.3.6.1.4.1.9.10.119 ciscoIetfPimMIB 3 71 Address family independent MIB module for
    management of PIM routers.

    This MIB module is based on RFC 2934 with additional
    MIB obje…
    1.3.6.1.4.1.9.10.120 ciscoIetfPimExtMIB 3 100 The MIB module which extends PIM management
    capabilities defined in CISCO-IETF-PIM-MIB.
    1.3.6.1.4.1.9.10.122 ciscoIetfDhcpSrvExtMIB 3 149 The MIB module is an extension of the Cisco IETF
    Dynamic Host Configuration protocol (DHCP) MIB.
    1.3.6.1.4.1.9.10.128 ciscoH320DialControlMIB 3 35 This MIB module enhances the IETF Dial Control MIB
    (RFC2128) by providing H.320 call information over
    a telephony network.

    ITU-T R…
    1.3.6.1.4.1.9.10.130 ciscoIetfMsdpMIB 1 84 An experimental MIB module for MSDP Management
    and Monitoring.
    Version draft-ietf-mboned-msdp-mib-01.txt is
    ciscoized
    1.3.6.1.4.1.9.10.131 cpwCTDMMIB 3 85 This MIB contains managed object definitions for
    encapsulating TDM (T1,E1, T3, E3, NxDS0) as
    pseudo-wires over packet-switching n…
    1.3.6.1.4.1.9.10.132 ciscoDiameterSGMIB 3 20 The MIB module for Cisco's Diameter Server Group
    Entities. This MIB describes the SNMP MIB objects
    that are supported in order to…
    1.3.6.1.4.1.9.10.133 ciscoDiameterBasePMIB 3 199 The MIB module for entities implementing the
    Diameter Base Protocol. Initial Cisco'ized version of the
    IETF draft
    draft-zorn-dime-…
    1.3.6.1.4.1.9.10.134 cEventMgrMIB 3 64 The MIB module to describe and store events generated
    by the Cisco Embedded Event Manager.

    The Cisco Embedded Event Manager detec…
    1.3.6.1.4.1.9.10.136 cdot3OamMIB 3 91 The MIB module for managing the new Ethernet OAM features
    introduced by the Ethernet in the First Mile task force (IEEE
    802.3ah).…
    1.3.6.1.4.1.9.10.137 ciscoIetfBfdMIB 3 70 This document contains the Management information base for
    Bidirectional Forwarding Detection(BFD) Protocol as defined
    in draft-i…
    1.3.6.1.4.1.9.10.138 cvplsGenericMIB 3 46 This MIB module contains generic managed object definitions
    for Virtual Private LAN Services as in [L2VPN-VPLS-LDP] and
    [L2VPN-VP…
    1.3.6.1.4.1.9.10.140 ciscoIetfVplsBgpExtMIB 3 31 This MIB module enables the use of any underlying Pseudo Wire network.

    This MIB extends the MIB module published in the RFC 4188…
    1.3.6.1.4.1.9.10.141 cvplsLdpMIB 2 13 This MIB module contains managed object definitions for
    LDP signalled Virtual Private LAN Services as in
    [L2VPN-VPLS-LDP]

    This MIB…
    1.3.6.1.4.1.9.10.142 cmplsTeP2mpStdMIB 4 76 This MIB module contains managed object definitions
    for Point-to-Multipoint (P2MP) MPLS Traffic Engineering (TE)
    defined in:
    1. Si…
    1.3.6.1.4.1.9.10.143 ciscoVrrp07MIB 4 101 This MIB describes objects used for managing Virtual
    Router Redundancy Protocol version 3 (VRRPv3) for IPv4
    and IPv6.

    This MIB sup…
    1.3.6.1.4.1.9.10.144 cmplsTcExtStdMIB 0 0 Copyright (c) 2012 IETF Trust and the persons identified
    as the document authors. All rights reserved.

    This MIB module contains …
    1.3.6.1.4.1.9.10.145 cmplsLsrExtStdMIB 3 12 Copyright (c) 2012 IETF Trust and the persons identified
    as the document authors. All rights reserved.

    This MIB module contains …
    1.3.6.1.4.1.9.10.146 cmplsTeExtStdMIB 3 41 Copyright (c) 2012 IETF Trust and the persons identified
    as the document authors. All rights reserved.
    This MIB module contains …
    1.3.6.1.4.1.9.10.147 cmplsIdStdMIB 3 11 Copyright (c) 2012 IETF Trust and the persons identified
    as the document authors. All rights reserved.

    This MIB module contains …
    ...