SYSTEM ADMINISTRATOR GUIDE     51/1543-CRA 119 1170/1-V1 Uen A    

Configuring RMON and SNMP

© Copyright Ericsson AB 2009. All rights reserved.

Disclaimer

No part of this document may be reproduced in any form without the written permission of the copyright owner. The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.

Trademark List

SmartEdge  is a registered trademark of Telefonaktiebolaget L M Ericsson.
NetOp  is a trademark of Telefonaktiebolaget L M Ericsson.

Contents

1About SNMP
1.1MIBs
1.2Notifications
1.3SNMP Management Framework and RFCs
1.4SNMP Versions

2

Configuring RMON
2.1Configure RMON Features
2.2Displaying RMON Information

3

Configuring SNMP
3.1Configure SNMPv1 and SNMPv2
3.2Example: Using SNMPv2
3.3Configure SNMPv3
3.4Example: Using SNMPv3
3.5Displaying SNMP Statistics
3.6Generating SNMP Debug Messages
3.7Example: Setting SNMP Command Privileges

4

Configure MIB Information to Display OIDs in Human-Readable Form


1   About SNMP

SNMP defines standards used to monitor one or more network devices.

An SNMP management system contains the following parts:

1.1   MIBs

The Management Information Base (MIB) is a virtual database of defined objects used to manage network devices. MIB objects are organized hierarchically and each object has a unique object identifier (OID). You can read and write objects to obtain information about a network by using a network-management protocol, such as SNMP. For a list of SNMP standards, see the SNMP Management Framework and RFCs section.

The SmartEdge router supports enterprise-specific MIBs and standard MIBs defined by Redback Networks and standard MIBs defined by standards bodies, such as the Internet Engineering Task Force (IETF), International Telecommunications Union (ITU), and Institute of Electrical and Electronics Engineers, Inc. (IEEE). For information about the OIDs for all Redback enterprise-specific MIBs see Redback Enterprise MIBs.

OIDs are identifiable by numbers. These numbers represent the hierarchy of the object in the MIB. For example, all Redback proprietary MIBs start with the OID syntax 1.3.6.1.4.1.2352.2.xyz. This syntax indicates that .xyz is located in the MIB hierarchy in the following way (numbers in parentheses show their placement in the MIB hierarchy; however, in the system, MIB OIDs are displayed as numbers only):

iso(1).org(3).dod(6).internet(1).private(4).enterprises
(1).redBackNetworks(2352).rbnMgmt(2).xyz

You can also identify an object by its object name. For example, ifNumber in IF-MIB can be identified by its object name (iso.org.dod.internet.mgmt.enterprises.interfaces.ifNumber) or OID (1.3.6.1.2.1.2.1). This document identifies OIDs by object names and numerical format.

1.2   Notifications

An SNMP agent sends notifications to a network manager when certain system events occur. A standard or proprietary MIB defines these notifications, also called traps or events. Notifications are defined in various standard and enterprise-specific MIB modules. For more information about notifications used in the SmartEdge router , see SNMP MIB Notifications

Examples of notifications that can occur in the SmartEdge router are as follows:

See Configure SNMPv1 and SNMPv2 or Configure SNMPv3 for instructions on how to enable notifications on the SmartEdge router . Use the snmp-server host command to specify whether to send SNMP notifications as traps or informs (informational notifications).

1.3   SNMP Management Framework and RFCs

The following components and standards documents define the SNMP management framework:

The SmartEdge router supports the User-Based Security Model (USM) and the following applications specific to RFC 3413, and RFC 3414:

Managed objects are accessed through a virtual information store, the Management Information Base (MIB). MIB objects are defined using the mechanisms set out in the Structure of Management Information (SMI); for more information, see the MIBs section.

1.4   SNMP Versions

The SmartEdge router supports SNMP Version 1 (SNMPv1), Version 2c (SNMPv2), and Version 3 (SNMPv3).

There are several differences between configuring SNMPv1 and SNMPv2, and configuring SNMPv3:

2   Configuring RMON

To configure RMON, perform the tasks in the following sections.

2.1   Configure RMON Features

To configure RMON features, perform the tasks described in Table 1; enter all commands in global configuration mode.

Note:  
You must first enable the SNMP server before you can configure RMON features.

Table 1    Configure RMON Features

#

Task

Root Command

1.

Define an RMON alarm.

rmon alarm

2.

Define an RMON event.

rmon event

2.2   Displaying RMON Information

Table 4 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.

Table 2    SNMP Operations Tasks

Task

Root Command

Display RMON information.

show rmon

3   Configuring SNMP

To configure SNMP, perform the tasks in the following sections.

3.1   Configure SNMPv1 and SNMPv2

To configure SNMPv1 and SNMPv2 for SNMP target management stations, such as the NetOp Element Management System (EMS) server, perform the tasks described in Table 3; enter all commands in global configuration mode unless otherwise noted.

Table 3    Configure SNMPv1 and SNMPv2

#

Task

Root Command

Notes

1.

Enable the SNMP server and access SNMP server configuration mode.

snmp server

 

2.

Specify operational attributes for the server:

 
 
 

Enable or disable per-context filtering of SNMP reporting.

context-filter ifmib

Enter this command in SNMP server configuration mode.

 

Enable or disable linkUp and linkDown notifications for Cisco High-Level Data Link Control (HDLC), Point-to-Point Protocol (PPP), and Frame Relay encapsulation layers, IP layers, or Layer 2 Tunneling Protocol (L2TP) tunnels.

traps (SNMP server configuration)

Enter this command in SNMP server configuration mode.

 

Create additional SNMP MIB views.

snmp view

 
 

Create SNMP community strings.

snmp community

Enter this command multiple times to create multiple community strings.

 

Configure an SNMP target management station to receive SNMP notifications, and optionally specify the context from which notifications are sent.

snmp target

 

Table 4 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.

Table 4    SNMP Operations Tasks

Task

Root Command

Display SNMP configuration.

show configuration snmp

3.2   Example: Using SNMPv2

In the following SNMPv2 example, the view Inet-View includes all objects in the Internet object identifier (OID) tree. The Admin community allows read access to the Inet-View view, and then the SmartEdge router is configured to send traps to a system, NM-Station1, with an IP address of 198.164.190.110:

[local]Redback(config)#snmp server
[local]Redback(config-snmp-server)#traps ifmib encaps
[local]Redback(config-snmp-server)#exit
[local]Redback(config)#snmp view Inet-View internet included 
[local]Redback(config)#snmp community Admin view Inet-View read-only
[local]Redback(config)#snmp target NM-Station1 198.164.190.110 security-name Admin version 2c view Inet-View trap
[local]Redback(config)#end

3.3   Configure SNMPv3

Follow these guidelines to maximize security and ensure proper configuration of SNMPv3 for SNMP target management stations such as the NetOp EMS server:

To configure SNMPv3, perform the tasks described in Table 5; enter all commands in global configuration mode, unless otherwise noted.

Table 5    Configure SNMPv3

#

Task

Root Command

Notes

1.

Enable the SNMP server and access SNMP server configuration mode.

snmp server

 

2.

Specify operational attributes for the server:

 
 
 

Enable or disable per-context filtering of SNMP reporting.

context-filter ifmib

Enter this command in SNMP server configuration mode.

 

Enable linkUp and linkDown notifications for Cisco HDLC, PPP, and Frame Relay encapsulation layers, IP layers, or L2TP tunnels.

traps (SNMP server configuration)

Enter this command in SNMP server configuration mode.

 

Specify a unique engine ID for local or remote systems.

snmp engine-id

A remote engine ID is required to identify an SNMP target, when using SNMPv3.

 

Create additional SNMP MIB views.

snmp view

 

3.

Create an SNMP group.

snmp group

Enter this command multiple times to create multiple groups.

4.

Create an SNMP user.

snmp user

Enter this command multiple times to create multiple users.

5.

Configure an SNMP target management station, and optionally specify the context from which notifications are sent:(1)

   
 

- Option 1

snmp target

 
 

- Option 2

snmp notify

 
 

 

snmp notify-filter

 
 

 

snmp target-parameters

You must enter the first three commands before you enter the snmp notify-target command.

 

 

snmp notify-target

 

(1)  Option 1 and Option 2 are mutually exclusive. The snmp target command is equivalent to the set of commands of Option 2, but only if, in step 3, the SNMP group was created without a notification view identified (the snmp group command with the notifynotify-view construct).

3.4   Example: Using SNMPv3

The following SNMPv3 example configures the Inet-View view, to include all objects in the Internet MIB tree. It also configures an authenticated group, Group4, to allow read and notify access to the Inet-View view, and a user, Admin, who is part of Group4, with an encoded authorization password. It also configures the SmartEdge router to send inform notifications from the Inet-View view, to a system, Nm-Station1 (IP address 10.3.4.5), excluding the rbnSRMIBNotifications trap:

[local]Redback(config)#snmp server
[local]Redback(config-snmp-server)#traps ifmib encaps
[local]Redback(config-snmp-server)#exit
[local]Redback(config)#snmp engine-id local AA:00:00:00:01
[local]Redback(config)#snmp view Inet-View internet included 
[local]Redback(config)#snmp group Group4 security-model usm auth read Inet-View notify Inet-View

[local]Redback(config)#snmp user Admin group Group4 security-model usm md5 key encoded base64 L1sR+UKZj4PqeRodf3zqTg==

[local]Redback(config)#snmp notify Notify-Inform Tag-Inform inform

[local]Redback(config)#snmp notify-filter Filter-incInet 1.3.*.4 included

[local]Redback(config)#snmp notify-filter Filter-NOrbnSRMIB rbnSRMIBNotifications excluded

[local]Redback(config)#snmp target-parameters Param2 security-name Admin version 3 security-level auth 

[local]Redback(config)#snmp notify-target Nm-Station1 10.3.4.5/24 tag Inet-Informs parameters Param2 filter Filter-NOrbnSRMIB

3.5   Displaying SNMP Statistics

Table 6 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.

Table 6    SNMP and RMON Operations Tasks

Task

Root Command

Enable the generation of SNMP debug messages.

debug snmp

Display commands for the SNMP.

show configuration snmp

Display RMON information.

show rmon

Display SNMP statistics, including usage, configured contexts, communities, notifications, SNMP daemon status, targets, and views.

show snmp

3.6   Generating SNMP Debug Messages

Table 7 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.

Table 7    SNMP Operations Tasks

Task

Root Command

Enable the generation of SNMP debug messages.

debug snmp

3.7   Example: Setting SNMP Command Privileges

The following example assigns the minimum privilege level to all commands that start with the snmp keyword to 12:

[local]Redback(config)#privilege config inherit level 12 snmp

4   Configure MIB Information to Display OIDs in Human-Readable Form

Note:  
You must enable SNMP before you can perform this procedure.

To configure MIB information to display Object Identifiers (OIDs) in human-readable form, perform the tasks described in the list below. This procedure provides a general overview of how to complete this task using any MIB browser. Refer to the documentation for your MIB browser for specific details on how to perform this procedure:

  1. Download and install a MIB browser.
  2. Download and save the MIB definition file.
  3. Add the MIB files to the MIB browser.
  4. Open a MIB object to see the human-readable form of the OID.