![]() |
SYSTEM ADMINISTRATOR GUIDE 51/1543-CRA 119 1170/1-V1 Uen C | ![]() |
Copyright
© Ericsson AB 2009–2010. All rights reserved. No part of this document may be reproduced in any form without the written permission of the copyright owner.
Disclaimer
The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.
Trademark List
SmartEdge | is a registered trademark of Telefonaktiebolaget L M Ericsson. | |
NetOp | is a trademark of Telefonaktiebolaget L M Ericsson. |
SNMP defines standards used to monitor one or more network devices.
An SNMP management system contains the following parts:
The following are examples of protocols SNMP uses to communicate between entities:
The Management Information Base (MIB) is a virtual database of defined objects used to manage network devices. MIB objects are organized hierarchically and each object has a unique object identifier (OID). You can read and write objects to obtain information about a network by using a network-management protocol, such as SNMP. For a list of SNMP standards, see the SNMP Management Framework and RFCs section. For information about SmartEdge OS standard MIB support, see Standard SNMP MIBs.
The SmartEdge router supports
enterprise-specific MIBs and standard MIBs defined by Ericsson and
standard MIBs defined by standards bodies, such as the Internet Engineering
Task Force (IETF), International Telecommunications Union (ITU), and
Institute of Electrical and Electronics Engineers, Inc. (IEEE). For
information about the enterprise-specific MIBs (including the OIDs),
see Enterprise MIBs.
OIDs are identifiable by numbers. These numbers represent the hierarchy of the object in the MIB. For example, all Ericsson proprietary MIBs start with the OID syntax 1.3.6.1.4.1.2352.2.xyz. This syntax indicates that .xyz is located in the MIB hierarchy in the following way (numbers in parentheses show their placement in the MIB hierarchy; however, in the system, MIB OIDs are displayed as numbers only):
iso(1).org(3).dod(6).internet(1).private(4).enterprises (1).redBackNetworks(2352).rbnMgmt(2).xyz
You can also identify an object by its object name. For example, ifNumber in IF-MIB can be identified by its object name (iso.org.dod.internet.mgmt.enterprises.interfaces.ifNumber) or OID (1.3.6.1.2.1.2.1). This document identifies OIDs by object names and numerical format.
For the enterprise MIBs, updates are documented in capability statements (CAP files), organized by software release (similar to a revision history). Standard MIBs do not contain capability statements.
An SNMP agent sends notifications to a network manager when certain system events occur. A standard or proprietary MIB defines these notifications, also called traps or events. Notifications are defined in various standard and enterprise-specific MIB modules. For more information about notifications used in the SmartEdge router , see SNMP MIB Notifications.
Examples of notifications that can occur in the SmartEdge router are as follows:
See Configure SNMPv1 and SNMPv2 or Configure SNMPv3 for instructions on how to enable notifications on the SmartEdge router . Use the snmp-server host command to specify whether to send SNMP notifications as traps or informs (informational notifications).
The following components and standards documents define the SNMP management framework:
The first version, Structure of Management Information (SMIv1) as described in:
The second version, SMIv2, as described in:
SNMP Version 3 (SNMPv3):
The SmartEdge router supports the User-Based Security Model (USM) and the following applications specific to RFC 3413, and RFC 3414:
Managed objects are accessed through a virtual information store, the Management Information Base (MIB). MIB objects are defined using the mechanisms set out in the Structure of Management Information (SMI); for more information, see the MIBs section.
Other supported RFCs are:
The SmartEdge router supports SNMP Version 1 (SNMPv1), Version 2c (SNMPv2), and Version 3 (SNMPv3).
There are several differences between configuring SNMPv1 and SNMPv2, and configuring SNMPv3:
To configure RMON, perform the tasks in the following sections.
To configure RMON features, perform the tasks described in Table 1; enter all commands in global configuration mode.
# |
Task |
Root Command |
---|---|---|
1. |
Define an RMON alarm. |
|
2. |
Define an RMON event. |
Table 4 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.
Task |
Root Command |
---|---|
Display RMON information. |
To configure SNMP, perform the tasks in the following sections.
To configure SNMPv1 and SNMPv2 for SNMP target management stations, such as the NetOp Element Management System (EMS) server, perform the tasks described in Table 3; enter all commands in global configuration mode unless otherwise noted.
# |
Task |
Root Command |
Notes |
---|---|---|---|
1. |
Enable the SNMP server and access SNMP server configuration mode. |
||
2. |
Specify operational attributes for the server: |
||
Enable or disable per-context filtering of SNMP reporting. |
Enter this command in SNMP server configuration mode. | ||
Enable or disable linkUp and linkDown notifications for Cisco High-Level Data Link Control (HDLC), Point-to-Point Protocol (PPP), and Frame Relay encapsulation layers, IP layers, or Layer 2 Tunneling Protocol (L2TP) tunnels. |
Enter this command in SNMP server configuration mode. | ||
Create additional SNMP MIB views. |
|||
Create SNMP community strings. |
Enter this command multiple times to create multiple community strings. | ||
Configure an SNMP target management station to receive SNMP notifications, and optionally specify the context from which notifications are sent. |
Table 4 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.
Task |
Root Command |
---|---|
Display SNMP configuration. |
In the following SNMPv2 example, the view Inet-View includes all objects in the Internet object identifier (OID) tree. The Admin community allows read access to the Inet-View view, and then the SmartEdge router is configured to send traps to a system, NM-Station1, with an IP address of 198.164.190.110:
[local]Redback(config)#snmp server [local]Redback(config-snmp-server)#traps ifmib encaps [local]Redback(config-snmp-server)#exit [local]Redback(config)#snmp view Inet-View internet included [local]Redback(config)#snmp community Admin view Inet-View read-only [local]Redback(config)#snmp target NM-Station1 198.164.190.110 security-name Admin version 2c view Inet-View trap [local]Redback(config)#end
Follow these guidelines to maximize security and ensure proper configuration of SNMPv3 for SNMP target management stations such as the NetOp EMS server:
To configure SNMPv3, perform the tasks described in Table 5; enter all commands in global configuration mode, unless otherwise noted.
# |
Task |
Root Command |
Notes |
---|---|---|---|
1. |
Enable the SNMP server and access SNMP server configuration mode. |
||
2. |
Specify operational attributes for the server: |
||
Enable or disable per-context filtering of SNMP reporting. |
Enter this command in SNMP server configuration mode. | ||
Enable linkUp and linkDown notifications for Cisco HDLC, PPP, and Frame Relay encapsulation layers, IP layers, or L2TP tunnels. |
Enter this command in SNMP server configuration mode. | ||
Specify a unique engine ID for local or remote systems. |
A remote engine ID is required to identify an SNMP target, when using SNMPv3. | ||
Create additional SNMP MIB views. |
|||
3. |
Create an SNMP group. |
Enter this command multiple times to create multiple groups. | |
4. |
Create an SNMP user. |
Enter this command multiple times to create multiple users. | |
5. |
Configure an SNMP target management station, and optionally specify the context from which notifications are sent:(1) |
||
- Option 1 |
|||
- Option 2 |
|||
You must enter the first three commands before you enter the snmp notify-target command. |
(1) Option
1 and Option 2 are mutually exclusive. The snmp target command is equivalent to the set of commands of Option 2, but only
if, in step 3, the SNMP group was created without a notification view
identified (the snmp group command with the notifynotify-view construct).
The following SNMPv3 example configures the Inet-View view, to include all objects in the Internet MIB tree. It also configures an authenticated group, Group4, to allow read and notify access to the Inet-View view, and a user, Admin, who is part of Group4, with an encoded authorization password. It also configures the SmartEdge router to send inform notifications from the Inet-View view, to a system, Nm-Station1 (IP address 10.3.4.5), excluding the rbnSRMIBNotifications trap:
[local]Redback(config)#snmp server [local]Redback(config-snmp-server)#traps ifmib encaps [local]Redback(config-snmp-server)#exit [local]Redback(config)#snmp engine-id local AA:00:00:00:01 [local]Redback(config)#snmp view Inet-View internet included [local]Redback(config)#snmp group Group4 security-model usm auth read Inet-View notify Inet-View [local]Redback(config)#snmp user Admin group Group4 security-model usm md5 key encoded base64 L1sR+UKZj4PqeRodf3zqTg== [local]Redback(config)#snmp notify Notify-Inform Tag-Inform inform [local]Redback(config)#snmp notify-filter Filter-incInet 1.3.*.4 included [local]Redback(config)#snmp notify-filter Filter-NOrbnSRMIB rbnSRMIBNotifications excluded [local]Redback(config)#snmp target-parameters Param2 security-name Admin version 3 security-level auth [local]Redback(config)#snmp notify-target Nm-Station1 10.3.4.5/24 tag Inet-Informs parameters Param2 filter Filter-NOrbnSRMIB
Table 6 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.
Task |
Root Command |
---|---|
Enable the generation of SNMP debug messages. |
|
Display commands for the SNMP. |
|
Display RMON information. |
|
Display SNMP statistics, including usage, configured contexts, communities, notifications, SNMP daemon status, targets, and views. |
Table 7 lists the operations tasks for SNMP and Remote Monitoring (RMON). Enter the show commands in any mode; enter all other commands in exec mode.
Task |
Root Command |
---|---|
Enable the generation of SNMP debug messages. |
The following example assigns the minimum privilege level to all commands that start with the snmp keyword to 12:
[local]Redback(config)#privilege config inherit level 12 snmp
To configure MIB information to display Object Identifiers (OIDs) in human-readable form, perform the tasks described in the list below. This procedure provides a general overview of how to complete this task using any MIB browser. Refer to the documentation for your MIB browser for specific details on how to perform this procedure: