SNMP configuration command directory
Tasks and examples related to system management
configurations, please refer to the chapter”configure SNMP”
Use
command ”snmp-server community” to
set community strings permitted to visit on SNMP protocol. While use “ no
snmp-server community” to delete appointed community string.
snmp-server
community string
[view view-name]
[ro | rw] [word]
no snmp-server
community string
parameter:
string |
community
strings ,which are similar to password, permitted to visit on SNMP protocol |
view
view-name |
(optional)
view name defined before. This view defines effective MIB objects to
community. |
ro |
(optional)
appoint read-only authority. The authorization administer workstation can
only read MIB objects. |
rw |
(optional)
appoint read/write authority. The authorization administer workstation can
read and modify MIB objects. |
word |
(optional),
appoint visiting list name permitted to visit on SNMP agent’s IP address
through community string.. |
default:
If default, SNMP community string permit all objects “read-only”.
command
mode:
global configuration mode
explanation:
If
without any parameter, it will list configuration information of all community
strings .
Example:
The
following example will introduce how to allocate string “comaccess” to SNMP,
which permits read-only accessing and appoint “allowed”-IP accessing list can
use community string.
snmp-server
community comaccess ro allowed
The following
example will allocate “mgr” to SNMP, which permits to read and write objects in
view named “restricted”.
snmp-server
community mgr view restricted rw
The
following example will delete community string ”conaccess”.
no
snmp-server community comaccess
relevant
command:
access-list
snmp-server
view
Use command “snmp-server contact”to set contact information
(sysContact)of administrate node. While use“no snmp-server contact”to delete
contact information.
snmp-server contact text
no snmp-server contact
parameter:
text |
String
expresses node contact information . |
default:
do not set node contact information
command
mode:
global
configuration mode
explanation:
It is corresponding to value of sysContact in MIB variables
in system group.
example:
The following
is an example of node contact information:
snmp-server contact
Dial_System_Operator_at_beeper_#_27345
relevant
command:
use
index or search information online to look for related documents
Use
‘snmp-serve host” to appoint receiver of SNMP traps. While use “no snmp-server
host “ to delete appointed host.
snmp-server
host host
community-string [trap-type]
no
snmp-server host host
parameter:
host |
Host’s
name or Internet address |
community-string |
Community
string, similar to password, transmitting with trap together. |
trap-type |
(optional) If did not appoint any trap, it will transmit
all producing traps to the host.
·
permit to transmit traps of
authentication error ·
permit to transmit SNMP-configue
traps ·
permit to transmit all SNMP traps |
default:
This command will ineffective when default. It will not transmit any trap. If do not input any command with keyword ,it will transmit all traps,
command
mode:
global configuration mode
explanation:
It will not transmit any trap if without inputting snmp-server
host command. To configure the router to transmit SNMP traps, use
command”snmp-server host.
If input the command without keyword “trap-type”, it will
activate all traps of this host.
If input the command with “trap-type”, it will only
activate traps related to this keyword. User can appoint multiple trap types
for each host.
If appoint multiple “snmp-server host” commands for a host,
it will filter snmp trap message to this host by community string and trap type
in the command. (it can only set a kind of trap for a host and community
string.)
Usabilities of
trap-type’s items depend on the types of the router and features of route
software supported by the router.
example:
The
following example will transmit snmp defined by RFC 1157 to the host whose
address is “10.20.30.40”.
Community string is defined as “comaccess”.
snmp-server
host 10.20.30.40 comaccess snmp
The
following example will make the router transmit all traps to the
host”10.20.30.40” through community string “public”.
snmp-server
host 10.20.30.40 public
Only
the trap called “authentication” is effective in the following example, which can
be transmitted to the host”bob”.
snmp-server
host bob public authentication
relevant
command:
snmp-server
queue-length
snmp-server
trap-source
snmp-server
trap-timeout
Use
global configuration mode command “snmp-server location” to set location string
of the node. While using “no snmp-server location” can delete location
string.
snmp-server
location text
no
snmp-server location
parameter:
text |
Describe
location string of the node. |
default:
do not set location string of the node
command
mode:
global configuration mode
explanation:
Correspond to syslocation in MIB of system group .
example:
The
following example will define real location of the router:
snmp-server
location Building_3/Room_214
relevant
commands:
snmp-server
contact
Use global configuration mode command
“snmp-server packetsize” to define the maximum size of SNMP packet when SNMP
server is receiving request or producing response. snmp-server packetsize byte-count
no
snmp-server packetsize
parameter:
byte-count |
Integer
byte from 484 to 17940, default is 3000 bytes. |
default:
3000
bytes
command
mode:
global configuration mode
explanation:
Correspond to syslocation in MIB in system group
example:
The
following example will setup packet filter with the maximum length of 1024
bytes.
snmp-server
location Building_3/Room_214
relevant
command:
snmp-server
queue-length
Use
global configuration mode command “snmp-server queue-length” to set message
queue length for each trap host.
snmp-server
queue-length
length
parameter:
length |
The
trap events numbers can be kept in queue(1-1000). |
default:
10 events
command
mode:
global configuration mode
explanation:
This command defines message queue length for each trap
host. The router will clear queue once successfully transport trap message.
example:
The
following example will setup a message queue which can capture four events.
snmp-server
queue-length 4
relevant
command:
snmp-server
packetsize
Use global
configuration mode command “snmp-server trap-source” to appoint a interface as
all traps source address. While using “no snmp-server trap-source” can
delete such an interface.
snmp-server
trap-source interface
no
snmp-server trap-source
parameter
interface |
SNMP
trap interface. Parameters include interface type and number of special
platform, grammar mode. |
default:
without any interface
command
mode:
global configuration mode
explanation:
When transmit SNMP
trap from SNMP server, it will have its address regardless of which interface.
If want to trail by this trap address, use this command.
example:
The
following example will appoint Ethernet 1/0 interface address as all traps
source address.
snmp-server
trap-source ethernet 1/0
The
following example will appoint IP address of Ethernet 1/0 interface as all
traps source address.
snmp-server
trap-source ethernet 1/0
relevant
command:
snmp-server
queue-length
snmp-server
host
Use
global configuration mode command “snmp-server trap-timeout” to define the
time-out value of re-transmitting trap .
snmp-server
trap-timeout seconds
parameter:
seconds |
Time
slot integer with the unit of second for re-transmitting message. |
default:
30 seconds
command
mode:
global configuration mode
explanation:
Before the router’s software tries to transmit trap, it will
look for destination address’s route. If without route, traps will saved to
re-transmitting queue. Command “server trap-timeout ”determines re-transmitting
time intervals.
example;
The
following example will set 20 seconds time intervals, and try to re-transmit
trap in re-transmitting queue.
snmp-server
trap-timeout 20
relevant
commands:
snmp-server
host
snmp-server
queue-length
Use
global configuration mode command “snmp-server view” to create or update MIB
view. While using “no snmp-server view” can delete a view of SNMP server.
snmp-server
view view-name oid-tree {included |
excluded}
no snmp-server view view-name
parameter:
view-name |
Update
or create view name. |
oid-tree |
Must
include or exclude objects identifier of ASN.1 sub-tree from view. Identify
sub-tree, appoint a string including digit, like 1.3.6.2.4 or a sub-tree name
like
system. All names can be found in MIB tree. |
included
excluded |
The
type of view. Must appoint included or excluded. |
default:
none
command
mode:
global configuration mode
explanation:
If
other SNMP commands need a view as parameter, use this command to create a view
to be parameters of theses SNMP commands.
When
default, do not need to define a view, user can read all objects( which is like
“everything” view pre-defined by Cisco.).
Use this command to define all objects which can be seen by the view.
example:
The
following example will create all objects’ view in MIB-II sub-tree.
snmp-server
view mib2 mib-2 included
The
following example will create all objects’ view including system group.
snmp-server
view phred system included
The
following example will create a view including all objects in system group
except all objects in sysServices.7 and N0. 1 interface.
snmp-server
view agon system included
snmp-server
view agon system.7 excluded
relevant
command:
snmp-server
community
Use command
“show snmp” to monitor SNMP input and output statistic, including illegal
community string items, errors and request variables number.
Use
command “show snmp host” to display SNMP trap host information.
Use
command “show snmp view” to display SNMP view information.
show
snmp [ host
| view ]
parameter:
host: Display SNMP
trap host information
view: Display SNMP view information
default:
none
command
mode:
supervisor mode, global configuration mode
explanation:
Use command “show snmp”, it will list SNMP input and output
statistic .
Use command “show snmp host”,it will display SNMP trap host
information.
Use command “show snmp view”, it will display SNMP view
information.
example:
The following
example will list SNMP input and output statistic.
#show
snmp
37 SNMP
packets input
0 Bad
SNMP version errors
4
Unknown community name
0
Illegal operation for community name supplied
0 Snmp
encoding errors
24
Number of requested variables
0
Number of altered variables
0
Get-request PDUs
28
Get-next PDUs
0
Set-request PDUs
78 SNMP
packets output
0 Too
big errors (Maximum packet size 1500)
0 No
such name errors
0 Bad
values errors
0
General errors
24
Get-response PDUs PDUs
13 SNMP
trap PDUs
SNMP
Agent receive /transmit message statistic information’s meaning:
display information |
meaning |
Unknown
community name |
community
name can not be known |
Illegal
operation for community name supplied |
illegal
operation |
Encoding
errors |
encoding
errors |
Get-request
PDUs |
Get-request
message |
Get-next
PDUs |
Get-next
message |
Set-request
PDUs |
Set-request
message |
Too
big errors |
too
big response message, can not produce response message |
No
such name errors |
no
appoint example |
Bad
values errors |
bad values error |
General
errors |
general
errors |
Get-response
PDUs |
Get-response
message |
Trap
PDUs |
SNMP
trap message |
The
following example will show SNMP trap host information.
#show
snmp host
Notification host:
192.2.2.1 udp-port:
162 type: trap
user: public security model: v1
The
following example will display SNMP view information.
#show
snmp view
mib2 mib-2 - included
permanent active
relevant
commands:
snmp-server
host
snmp-server
view
Show
SNMP event, message transmitting, receiving course and error information.
debug
snmp [
error | event | packet ]
no
debug snmp
This
command will stop showing information.
Parameter:
error |
open
SNMP error information’s debug switch. |
event |
open
SNMP event’s debug switch |
packet |
open
SNMP input/output message’s debug switch |
command
mode:
supervisor
mode
explanation:
After opening SNMP
information debug switch, output SNMP event, message transmitting, receiving
course and error information , which can help users to shoot SNMP trouble.
example:
The
following example will describe conditions of debugging SNMP
receiving/transmitting message:
Router#debug
snmp packet
Received
49 bytes from 192.168.0.29:1433
0000:
30 82 00 2D 02 01 00 04 06 70 75 62 6C 69 63
A0 0..-.....public.
0016:
82 00 1E 02 02 7D 01 02 01 00 02 01 00 30 82
00 .....}.......0..
0032:
10 30 82 00 0C 06 08 2B 06 01 02 01 01 03 00
05 .0.....+........
0048:
00
.
Sending
52 bytes to 192.168.0.29:1433
0000:
30 82 00 30 02 01 00 04 06 70 75 62 6C 69 63
A2 0..0.....public.
0016:
82 00 21 02 02 7D 01 02 01 00 02 01 00 30 82
00 ..!..}.......0..
0032:
13 30 82 00 0F 06 08 2B 06 01 02 01 01 03 00 43
.0.....+.......C
0048:
03 00 F4
36
...6
Received
51 bytes from 1192.168.0.29:1434
0000:
30 82 00 2F 02 01 00 04 06 70 75 62 6C 69 63
A0 0../.....public.
0016:
82 00 20 02 02 6B 84 02 01 00 02 01 00 30 82 00
.. ..k.......0..
0032:
12 30 82 00 0E 06 0A 2B 06 01 02 01 02 02 01
02 .0.....+........
0048:
01 05
00
...
Sending
62 bytes to 192.168.0.29:1434
0000:
30 82 00 3A 02 01 00 04 06 70 75 62 6C 69 63 A2
0..:.....public.
0016:
82 00 2B 02 02 6B 84 02 01 00 02 01 00 30 82
00 ..+..k.......0..
0032:
1D 30 82 00 19 06 0A 2B 06 01 02 01 02 02 01
02 .0.....+........
0048:
01 04 0B 45 74 68 65 72 6E 65 74 30 2F
31 ...Ethernet0/1
domain |
description |
Received
|
SNMP
receiving/transmitting message |
192.168.0.29 |
source
IP address |
1433 |
interface
number of source address |
51
bytes |
length
of receiving message |
30 82
00 2D 02 01 00 04 06 70 75 62 6C 69 63 A0 82 00
1E 02 02 7D 01 02 01 00 02 01 00 30 82 00 10 30
82 00 0C 06 08 2B 06 01 02 01 01 03 00 05 00
|
SNMP
ASN after-coding Message |
0..-.....public. .....}.......0.. .0.....+........ . |
receiving
message ‘s ASCII expressing, if beyond ASC II , express by “.” |
sending
|
SNMP
transmitting message |
192.168.0.29 |
destination
IP address |
1433 |
interface
number of destination address |
52
bytes |
length
of transmitting message |
30 82
00 30 02 01 00 04 06 70 75 62 6C 69 63 A2 82 00
21 02 02 7D 01 02 01 00 02 01 00 30 82 00 13 30
82 00 0F 06 08 2B 06 01 02 01 01 03 00 43 03 00
F4 36 |
SNMP
ASN after-coding message |
0..0.....public. ..!..}.......0.. .0.....+.......C ...6 |
Transmitting
message ‘s ASCII expressing, if beyond ASC II , express by “.” |
The
following example will describe conditions of debugging SNMP events:
Router#debug
snmp event
Received
SNMP packet(s) from 192.2.2.51
SNMP: GETNEXT request
-- ip.ipReasmFails.0
SNMP: Response
>> ip.ipFragOKs.0 = 1
Received
SNMP packet(s) from 192.2.2.51
SNMP: GETNEXT request
-- ip.ipFragOKs.0
SNMP: Response
>> ip.ipFragFails.0 = 0
Received
SNMP packet(s) from 192.2.2.51
SNMP: GETNEXT request
-- ip.ipFragFails.0
SNMP: Response
>> ip.ipFragCreates.0 = 2
domain |
description |
SNMP |
current
debugging is SNMP |
GETNEXT
request |
SNMP
getnext request |
RESPONSE |
SNMP
response |
-- |
receive
message |
>> |
transmit
message |
ip.ipReasmFails.0 |
request
visit MIB OID |
ip.ipFragOKs.0
= 1 |
visited MIB OID and its back value |