SNMP configuration command directory

snmp-server community

snmp-server contact

snmp-server host

snmp-server location

snmp-server packetsize

snmp-server queue-length

snmp-server trap-source

snmp-server trap-timeout

snmp-server view  

show snmp

debug snmp

 

Tasks and examples related to system management configurations, please refer to the chapter”configure SNMP”

snmp-server community

Use command  ”snmp-server community” to set community strings permitted to visit on SNMP protocol. While use “ no snmp-server community” to delete appointed community string.

snmp-server community string [view view-name] [ro | rw] [word]

no snmp-server community string

parameter:

string

community strings ,which are similar to password, permitted to visit on SNMP protocol

view view-name

(optional) view name defined before. This view defines effective MIB objects to community.

ro

(optional) appoint read-only authority. The authorization administer workstation can only read MIB objects.

rw

(optional) appoint read/write authority. The authorization administer workstation can read and modify MIB objects.

word

(optional), appoint visiting list name permitted to visit on SNMP agent’s IP address through community string..

default:

If default, SNMP community string permit all objects “read-only”.

command mode:

global configuration mode

 

explanation:

If without any parameter, it will list configuration information of all community strings .

Example:

The following example will introduce how to allocate string “comaccess” to SNMP, which permits read-only accessing and appoint “allowed”-IP accessing list can use community string.

snmp-server community comaccess ro allowed

The following example will allocate “mgr” to SNMP, which permits to read and write objects in view named “restricted”.

snmp-server community mgr view restricted rw

The following example will delete community string ”conaccess”.

no snmp-server community comaccess 

 

relevant command:

access-list

snmp-server view 

 

snmp-server contact

Use command “snmp-server contact”to set contact information (sysContact)of administrate node. While use“no snmp-server contact”to delete contact information.

snmp-server contact text

no snmp-server contact

parameter:

text

String expresses node contact information .

default:

do not set node contact information

command mode:

global configuration mode

 

explanation:

It is corresponding to value of sysContact in MIB variables in system group.

example:

The following is an example of node contact information:

snmp-server contact Dial_System_Operator_at_beeper_#_27345

 

relevant command:

use index or search information online to look for related documents

 

snmp-server host

Use ‘snmp-serve host” to appoint receiver of SNMP traps. While use “no snmp-server host “ to delete appointed host.

snmp-server host host community-string [trap-type]

no snmp-server host host  

 

parameter:

host

Host’s name or Internet address

community-string

Community string, similar to password, transmitting with trap together.

trap-type

(optional) If did not appoint any trap, it will transmit all producing traps to the host.  

·        permit to transmit traps of authentication error

·        permit to transmit SNMP-configue traps

·        permit to transmit all SNMP traps

 

default:

This command will ineffective when default. It will not transmit any trap. If do not input any command with keyword ,it will transmit all traps,

command mode:

global configuration mode

explanation:

It will not transmit any trap if without inputting snmp-server host command. To configure the router to transmit SNMP traps, use command”snmp-server host.

If input the command without keyword “trap-type”, it will activate all traps of this host.

If input the command with “trap-type”, it will only activate traps related to this keyword. User can appoint multiple trap types for each host.

If appoint multiple “snmp-server host” commands for a host, it will filter snmp trap message to this host by community string and trap type in the command. (it can only set a kind of trap for a host and community string.)

Usabilities of trap-type’s items depend on the types of the router and features of route software supported by the router.

example:

The following example will transmit snmp defined by RFC 1157 to the host whose address is “10.20.30.40”.  Community string is defined as “comaccess”.

 

snmp-server host 10.20.30.40 comaccess snmp

The following example will make the router transmit all traps to the host”10.20.30.40” through community string “public”.

snmp-server host 10.20.30.40 public

Only the trap called “authentication” is effective in the following example, which can be transmitted to the host”bob”.

snmp-server host bob public authentication 

 

relevant command:

snmp-server queue-length

snmp-server trap-source

snmp-server trap-timeout

snmp-server location

Use global configuration mode command “snmp-server location” to set location string of the node. While using “no snmp-server location” can delete location string.  

 

snmp-server location text

no snmp-server location  

 

parameter:

text

Describe location string of the node.

default:

do not set location string of the node

command mode:

global configuration mode

explanation:

Correspond to syslocation in MIB of system group .

example:

The following example will define real location of the router:

snmp-server location Building_3/Room_214

relevant commands:

snmp-server contact

 

snmp-server packetsize

Use global configuration mode command “snmp-server packetsize” to define the maximum size of SNMP packet when SNMP server is receiving request or producing response. snmp-server packetsize byte-count

no snmp-server packetsize

parameter:

byte-count 

Integer byte from 484 to 17940, default is 3000 bytes.

default:

3000 bytes

 

command mode:

global configuration mode

explanation:

Correspond to syslocation in MIB in system group

example:

The following example will setup packet filter with the maximum length of 1024 bytes.

snmp-server location Building_3/Room_214

relevant command:

snmp-server queue-length

 

snmp-server queue-length

Use global configuration mode command “snmp-server queue-length” to set message queue length for each trap host. 

snmp-server queue-length length

parameter:

length

The trap events numbers can be kept in queue(1-1000).

default:

10 events

command mode:

global configuration mode

explanation:

This command defines message queue length for each trap host. The router will clear queue once successfully transport trap message.

example:

The following example will setup a message queue which can capture four events.

snmp-server queue-length 4

relevant command:

snmp-server packetsize

 

snmp-server trap-source

Use global configuration mode command “snmp-server trap-source” to appoint a interface as all traps source address. While using “no snmp-server trap-source” can delete such an interface.

snmp-server trap-source interface

no snmp-server trap-source

parameter

interface

SNMP trap interface. Parameters include interface type and number of special platform, grammar mode.

 

default:

without any interface

command mode:

global configuration mode

explanation:

When transmit SNMP trap from SNMP server, it will have its address regardless of which interface. If want to trail by this trap address, use this command.

example:

The following example will appoint Ethernet 1/0 interface address as all traps source address.

snmp-server trap-source ethernet 1/0

The following example will appoint IP address of Ethernet 1/0 interface as all traps source address.

snmp-server trap-source ethernet 1/0

relevant command:

snmp-server queue-length

snmp-server host 

 

snmp-server trap-timeout

Use global configuration mode command “snmp-server trap-timeout” to define the time-out value of re-transmitting trap .

snmp-server trap-timeout seconds

parameter:

seconds

Time slot integer with the unit of second for re-transmitting message.

default:

30 seconds

command mode:

global configuration mode

explanation:

Before the router’s software tries to transmit trap, it will look for destination address’s route. If without route, traps will saved to re-transmitting queue. Command “server trap-timeout ”determines re-transmitting time intervals.

example;

The following example will set 20 seconds time intervals, and try to re-transmit trap in re-transmitting queue.

snmp-server trap-timeout 20

relevant commands:

snmp-server host

snmp-server queue-length 

snmp-server view

Use global configuration mode command “snmp-server view” to create or update MIB view. While using “no snmp-server view” can delete a view of SNMP server.

snmp-server view view-name oid-tree {included | excluded}
no snmp-server view view-name

parameter:

view-name

Update or create view name.

oid-tree

Must include or exclude objects identifier of ASN.1 sub-tree from view.

Identify sub-tree, appoint a string including digit, like 1.3.6.2.4 or a sub-tree name

like system. All names can be found in MIB tree.

included excluded 

The type of view. Must appoint included or excluded.

 

default:

none

command mode:

global configuration mode

explanation:

If other SNMP commands need a view as parameter, use this command to create a view to be parameters of theses SNMP commands.

When default, do not need to define a view, user can read all objects( which is like “everything” view pre-defined by Cisco.).  Use this command to define all objects which can be seen by the view.

 

example:

The following example will create all objects’ view in MIB-II sub-tree.

snmp-server view mib2 mib-2 included

The following example will create all objects’ view including system group.

snmp-server view phred system included

The following example will create a view including all objects in system group except all objects in sysServices.7 and N0. 1 interface.

snmp-server view agon system included

snmp-server view agon system.7 excluded

relevant command:

snmp-server community

 

show snmp

Use command “show snmp” to monitor SNMP input and output statistic, including illegal community string items, errors and request variables number.

Use command “show snmp host” to display SNMP trap host information.

Use command “show snmp view” to display SNMP view information.

show snmp [ host | view ]

parameter:

host: Display SNMP trap host information

view: Display SNMP view information

default:

none

command mode:

supervisor mode, global configuration mode

explanation:

Use command “show snmp”, it will list SNMP input and output statistic .

Use command “show snmp host”,it will display SNMP trap host information.

Use command “show snmp view”, it will display SNMP view information.

example:

The following example will list SNMP input and output statistic.

#show snmp

37 SNMP packets input

0 Bad SNMP version errors

4 Unknown community name

0 Illegal operation for community name supplied

0 Snmp encoding errors

24 Number of requested variables

0 Number of altered variables

0 Get-request PDUs

28 Get-next PDUs

0 Set-request PDUs

78 SNMP packets output

0 Too big errors (Maximum packet size 1500)

0 No such name errors

0 Bad values errors

0 General errors

24 Get-response PDUs PDUs

13 SNMP trap PDUs

SNMP Agent receive /transmit message statistic information’s meaning:

display information

meaning

Unknown community name

community name can not be known

Illegal operation for community name supplied

illegal operation

Encoding errors

encoding errors

Get-request PDUs

Get-request message

Get-next PDUs

Get-next message

Set-request PDUs

Set-request message

Too big errors

too big response message, can not produce response message

No such name errors

no appoint example

Bad values errors

bad values error

General errors

general errors

Get-response PDUs

Get-response message

Trap PDUs

SNMP trap message

 

The following example will show SNMP trap host information.

#show snmp host

Notification host: 192.2.2.1    udp-port: 162   type: trap

user: public     security model: v1

The following example will display SNMP view information.

#show snmp view

mib2    mib-2   -       included        permanent       active

relevant commands:

snmp-server host

snmp-server view

 

debug snmp

Show SNMP event, message transmitting, receiving course and error information.

debug snmp [ error | event | packet ]

no debug snmp

This command will stop showing information.

 

Parameter:

error

open SNMP error information’s debug switch.

event

open SNMP event’s debug switch

packet

open SNMP input/output message’s debug switch

 

command mode:

supervisor mode

 

explanation:

After opening SNMP information debug switch, output SNMP event, message transmitting, receiving course and error information , which can help users to shoot SNMP trouble.

example:

The following example will describe conditions of debugging SNMP receiving/transmitting message:

Router#debug snmp packet

Received 49 bytes from 192.168.0.29:1433

0000: 30 82 00 2D  02 01 00 04  06 70 75 62  6C 69 63 A0    0..-.....public.

0016: 82 00 1E 02  02 7D 01 02  01 00 02 01  00 30 82 00    .....}.......0..

0032: 10 30 82 00  0C 06 08 2B  06 01 02 01  01 03 00 05    .0.....+........

0048: 00                                                    .

Sending 52 bytes to 192.168.0.29:1433

0000: 30 82 00 30  02 01 00 04  06 70 75 62  6C 69 63 A2    0..0.....public.

0016: 82 00 21 02  02 7D 01 02  01 00 02 01  00 30 82 00    ..!..}.......0..

0032: 13 30 82 00  0F 06 08 2B  06 01 02 01  01 03 00 43    .0.....+.......C

0048: 03 00 F4 36                                           ...6

Received 51 bytes from 1192.168.0.29:1434

0000: 30 82 00 2F  02 01 00 04  06 70 75 62  6C 69 63 A0    0../.....public.

0016: 82 00 20 02  02 6B 84 02  01 00 02 01  00 30 82 00    .. ..k.......0..

0032: 12 30 82 00  0E 06 0A 2B  06 01 02 01  02 02 01 02    .0.....+........

0048: 01 05 00                                              ...

Sending 62 bytes to 192.168.0.29:1434

0000: 30 82 00 3A  02 01 00 04  06 70 75 62  6C 69 63 A2    0..:.....public.

0016: 82 00 2B 02  02 6B 84 02  01 00 02 01  00 30 82 00    ..+..k.......0..

0032: 1D 30 82 00  19 06 0A 2B  06 01 02 01  02 02 01 02    .0.....+........

0048: 01 04 0B 45  74 68 65 72  6E 65 74 30  2F 31          ...Ethernet0/1

domain

description

Received

SNMP receiving/transmitting message 

192.168.0.29

source IP address

1433

interface number of source address

51 bytes

length of receiving message

30 82 00 2D  02 01 00 04  06 70 75 62  6C 69 63 A0

82 00 1E 02  02 7D 01 02  01 00 02 01  00 30 82 00

10 30 82 00  0C 06 08 2B  06 01 02 01  01 03 00 05

00                                             

SNMP ASN after-coding Message

0..-.....public.

.....}.......0..

.0.....+........

.

receiving message ‘s ASCII expressing, if beyond ASC II , express by “.”

sending

SNMP transmitting message

192.168.0.29

destination IP address

1433

interface number of destination address

52 bytes

length of transmitting message

30 82 00 30  02 01 00 04  06 70 75 62  6C 69 63 A2

82 00 21 02  02 7D 01 02  01 00 02 01  00 30 82 00

13 30 82 00  0F 06 08 2B  06 01 02 01  01 03 00 43

03 00 F4 36

SNMP ASN after-coding message

0..0.....public.

..!..}.......0..

.0.....+.......C

...6

Transmitting message ‘s ASCII expressing, if beyond ASC II , express by “.”

The following example will describe conditions of debugging SNMP events:

Router#debug snmp event

Received SNMP packet(s) from 192.2.2.51

  SNMP: GETNEXT request

    -- ip.ipReasmFails.0

  SNMP: Response

    >> ip.ipFragOKs.0 = 1

Received SNMP packet(s) from 192.2.2.51

  SNMP: GETNEXT request

    -- ip.ipFragOKs.0

  SNMP: Response

    >> ip.ipFragFails.0 = 0

Received SNMP packet(s) from 192.2.2.51

  SNMP: GETNEXT request

    -- ip.ipFragFails.0

  SNMP: Response

    >> ip.ipFragCreates.0 = 2

domain

description

SNMP

current debugging is SNMP

GETNEXT request

SNMP getnext request

RESPONSE

SNMP response

--

receive message

>>

transmit message

ip.ipReasmFails.0

request visit MIB OID

ip.ipFragOKs.0 = 1

visited MIB OID and its back value