configure SNMP catalog
create and modify accessing control for SNMP group
set manager contact ways and location of this router
define maximam length of SNMP agent data packet
Details about instructions of this chapter ,refer to “SNMP
instructions”.
configure
SNMP supporting
SNMP system include three parts:
SNMP management end
SNMP AGENT
management information base
SNMP
is a protocol for the application layer. It provides message format Which are
transferred between network management end and AGENT.
The
SNMP network management end is a part of network management system(NMS,such as
the D-LinkWorks).Because the AGENT and MIB are on the Router, it’s
necessary to define the relationship between the network management end and
the AGENT if users want to configure the SNMP of the Router.
SNMP
AGENT include MIB variables, SNMP management end can retrieve and and change
these variables values. SNMP management end can get variables values from AGENT
or save variables values to AGENT. AGENT collects data from MIB. MIB is an
information base of network data and devices parameter.The agent responds to the
request of the network management end for reading or setting data. The agent can
send the trap forwardly to the management end . Trap is a kind of alarm message
which will give an alarm to the management end in some network condition .Trap
can point out the incorrect user authentication, reset, link status(up or
down),TCP link closing, link losing with neighbor Routers or other important
events.
Router
can send inform to the management end when special event happens. For an
example, agent router may send a message to the management end when it meets an
error.
SNMP
inform can be sent as trap or inform request. The receiver does not respond to
the trap ,and the transmitter doesn’t judge whether the trap is received, so
the trap is not credible.
On
the contrast , when receiving inform request, the management end responds
with SNMP response PDU. The management end won’t give any response if it
does not receive a inform request, and if the transmitter doesn’t receive any
answer ,it will send the inform request again. So ,the inform will reach tageted
destination more possible.
The
inform requests consume more resources of the Router and network for their
credibilities. The traps will be rejected once they are been sent. On the
contrast, inform request must be saved in the memeory until receiving the
response or the request is time out. And the trap will be sent only once while
the inform request can be send for several times. Resend add network
communication and aggravate network traffic. So ,the trap and inform request
provide a balance between credibilities and resources of network.
If
it is necessary for the SNMP management end to receive each inform ,the inform
request should be used. If care for the network traffic or memory of the Router
,and it is not necessary to receive each inform, trap can be used.
D-Link Router only support trap now , but it provides the
extension of using inform request.
SNMP
versions supported by D-Link Routers are :
SNMPv1—a
simple network management protocol, a absolute internet standard, defined in
RFC1157.
SNMPv2C--
SNMPv2 Administrative
Framework based on team,
an test internet protocol, defined in RFC1901
SNMP
versions supported by D-Link
SNMPv3 。
SNMPv1 use safety format based on team. It can access agent MIB’S
management end team.
It’s
necessary to set the SNMP agent to the version supported by the management
station. AGENT can communicate with serveral management ends.
SNMP
of D-Link Routers support all MIB variables ( described in RFC1213 ) and
SNMP traps ( described in RFC1215 ).
D-Link
Router provides a private MIB extension for each system.
create
or modify access control for SNMP team
The
SNMP team character string can define relationship between the SNMP management
end and AGENT. Team character string is similar to the password which is used to
access the Router AGENT. Users can designate one or more characters associated
with team character string below( optional ):
the IP address access list of SNMP management end permitting to use team
character string to acquire the authority for accessing the AGENT
.
Define
the MIB tree of all
the leaf nodes which have the authority for accessing the designated team.
Appoint
the read-write authority of the MIB object that has the access authority
The
commands used to configure the team character string in the overall
configuration mode are given below:
command |
purpose |
snmp-server
community
string [view view-name] [ro | rw] [word] |
Define team access character string |
Users
can configure one or more team character strings and can use “no snmp-server
community”command to delete the default team character strings.
The
example of configuring the team character string ,refer to the chapter”
SNMP commands”.
Configure
the way to contact the Router manager and location of the Router.
“sysContact”
and “sysLocation “are both the management variables of MIB system group.
They define the sign of the node( Router ) manager and his location.
Those information can be accessed by configuration files. Users can use one or
more commands below in the overall configuration mode :
command |
purpose |
snmp-server
contact text |
set
the node manager string |
snmp-server
location text |
Set
the node location string |
Define
the maximum length of the SNMP agent data packet:
The
SNMP agents set the maximum length of data packet when receiving request or
sending response. Users can use one or more commands below in the overall
configuration mode :
command |
purpose |
snmp-server
packetsize byte-count |
set
the maximum length of data packet |
Users
can use one or more commands below in the overall configuration mode to
monitor the SNMP input/output statistics, including forbidden team string and
the number of errors and request variables.
command |
purpose |
show
snmp |
Monitor SNMP status |
Users
can use the following commands to configure the Router’s sending the SNMP
Traps(the second task is optional):
configure
the Router to send SNMP traps
alter
the running parameters of the traps
configure
the Router to send SNMP traps
Users
can use one or more commands below in the overall configuration mode to configure
the Router to send SNMP traps to a host:
command |
purpose |
snmp-server
host host
community-string [trap-type] |
Designate
the receiver of the traps |
The
SNMP agents will startup automatically after the D-Link has powered on , and
all kinds of the traps will be activated. Users can use“snmp-server host”
command to designate a host to receive appointed types of traps.
Some
traps need to be controlled by other commands. For example, if users want to
send SNMP traps when interface is up or down, user should use “snmp trap
link-status”command to activate the link traps in the interface configuration
mode ,and use “no snmp trap link –stat” command to shut off these traps.
To
receive the traps ,the host must be configured with “snmp-server
host”command.
alter the running parameters of the traps
It is an optional item, and it can designate the source
interface generating the traps and the length of message( data packet )queue or
the value of retransmission interal for every host.
Users can use optional commands below to alter trap running
parameters in the overall configuration mode :
command |
purpose |
snmp-server trap-source interface |
designate the source
interface. and the source IP add |
snmp-server queue-length length |
set the length of
message queue for each host. Default value is 10 |
snmp-server trap-timeout seconds |
Define the
retransmission frequency of traps in retransmission queue. default value is 30
seconds |
example 1:
snmp-server community public RO
snmp-server community private RW
snmp-server host 192.168.10.2 public
We configure two team strings-“public” and
“private”.”Public” has the authority of reading all the MIB variables .
While “private” has the Authority of reading and writing all the MIB
variables.
Users can use “public”to read the MIB variables of the
Router and use“private”to read the MIB variables of the Router and use “private”to
write some wirtiable variables.
It designate the Router to use “public” to send traps to
“192.16.20.2” when the Router need to send traps also.. For example ,when
some interface is down, the Router will send a linkdown trap to
“192.168.20.2”.
example 2:
snmp-server community public view sysmib RO
snmp-server community private RW nativehost
snmp-server contact router@company.com.cn
snmp-server host 192.168.10.2 public snmp
snmp-server location 405-room
snmp-server view sysmib system included
ip access-list standard nativehost
permit 192.168.10.2 255.255.255.255
In this example, “public”only has the authority Of reading
the MIB variables in system group of the Router. It only permit the host whose
IP address is 192.168.10.2 to use”private” to read or write MIB variables of
router.
Only send snmp trap to the host”192.168.10.2” and do not
send authentication or configure traps.
The contact way should be configure to router@company.com.cn, and location should be configured to 405-room,that is to say, “sysContact” in MIB is router@company.com.cn and “sysLocation”in MIB is 405-room.