configure SNMP catalog

SNMP inform

SNMP version

supported MIB

create and modify accessing control for SNMP group

set manager contact ways and location of this router

define maximam length of SNMP agent data packet

monitor SNMP status

configure SNMP traps

configurations examples

Details about instructions of this chapter ,refer to “SNMP instructions”.

configure SNMP supporting

SNMP system include three parts:

SNMP management end

SNMP AGENT

management information base

SNMP is a protocol for the application layer. It provides message format Which are transferred between network management end and AGENT.

The SNMP network management end is a part of network management system(NMS,such as the D-LinkWorks).Because the AGENT and MIB are on the Router, it’s  necessary to define the relationship between the network management end and  the AGENT if users want to configure the SNMP of the Router.

SNMP AGENT include MIB variables, SNMP management end can retrieve and and change these variables values. SNMP management end can get variables values from AGENT or save variables values to AGENT.  AGENT collects data from MIB. MIB is an information base of network data and devices parameter.The agent responds to the request of the network management end for reading or setting data. The agent can send the trap forwardly to the management end . Trap is a kind of alarm message which will give an alarm to the management end in some network condition .Trap can point out the incorrect user authentication, reset, link status(up or down),TCP link closing, link losing with neighbor Routers or other important  events.

SNMP  inform

Router can send inform to the management end when special event happens. For an example, agent router may send a message to the management end when it meets an error.

SNMP inform can be sent as trap or inform request. The receiver does not respond to the trap ,and the transmitter doesn’t judge whether the trap is received, so the trap is not credible.

On the contrast , when receiving inform request, the management end  responds with  SNMP response PDU. The management end won’t give any response if it does not receive a inform request, and if the transmitter doesn’t receive any answer ,it will send the inform request again. So ,the inform will reach tageted destination more possible.

The inform requests consume more resources of the Router and network for their credibilities. The traps will be rejected once they are been sent. On the contrast, inform request must be saved in the memeory until receiving the response or the request is time out. And the trap will be sent only once while the inform request can be send for several times. Resend add network communication and aggravate network traffic. So ,the trap and inform request provide a balance between credibilities and resources of network.

If it is necessary for the SNMP management end to receive each inform ,the inform request should be used. If care for the network traffic or memory of the Router ,and it is not necessary to receive each inform, trap can be used.     

    D-Link Router only support trap now , but it provides the extension of using inform request. 

SNMP version

SNMP versions supported by D-Link Routers are :

SNMPv1—a simple network management protocol, a absolute internet standard, defined in RFC1157.

SNMPv2C-- SNMPv2 Administrative Framework based on team, an test internet protocol, defined in RFC1901

SNMP versions supported by D-Link

SNMPv3 。

SNMPv1 use safety format based on team. It can access agent MIB’S management end team.

It’s necessary to set the SNMP agent to the version supported by the management station. AGENT can communicate with serveral management ends.  

supported MIB

SNMP of D-Link Routers support all MIB variables ( described in RFC1213 ) and  SNMP traps ( described in RFC1215 ).

D-Link Router provides a private MIB extension for each system.

create or modify access control for SNMP team

The SNMP team character string can define relationship between the SNMP management end and AGENT. Team character string is similar to the password which is used to access the Router AGENT. Users can designate one or more characters associated with team character string below( optional ):

the IP address access list of SNMP management end permitting to use team character string to acquire the authority for accessing the AGENT  .

Define the MIB tree of all the leaf nodes which have the authority for accessing the designated team.

Appoint the read-write authority of the MIB object that has the access authority

The commands used to configure the team character string in the overall configuration mode are given below:

 

command

purpose

snmp-server community string [view view-name] [ro | rw] [word]

Define team access character string

Users can configure one or more team character strings and can use “no snmp-server community”command to delete the default team character strings.

The example of configuring the team character string ,refer to the chapter” SNMP commands”.

Configure the way to contact the Router manager and location of the Router.

“sysContact” and “sysLocation “are both the management variables of MIB system group. They define the sign of the node( Router ) manager and his location. Those information can be accessed by configuration files. Users can use one or more commands below in the overall configuration mode :

 

command

purpose

snmp-server contact text

set the node manager string

snmp-server location text

Set the node location string

Define the maximum length of the SNMP agent data packet:

The SNMP agents set the maximum length of data packet when receiving request or sending response. Users can use one or more commands below in the overall configuration mode :

 

command

purpose

snmp-server packetsize byte-count

set the maximum length of data packet

monitor SNMP status

Users can use one or more commands below in the overall configuration mode to monitor the SNMP input/output statistics, including forbidden team string and the number of errors and request variables.

 

command

purpose

show snmp

Monitor SNMP status

configure SNMP trap

Users can use the following commands to configure the Router’s sending the SNMP Traps(the second task is optional):  

configure the Router to send SNMP traps

alter the running parameters of the traps

configure the Router to send SNMP traps

Users can use one or more commands below in the overall configuration mode to configure the Router to send SNMP traps to a host:

 

command

purpose

snmp-server host host community-string [trap-type]

Designate the receiver of the traps

The SNMP agents will startup automatically after the D-Link has powered on , and  all kinds of the traps will be activated. Users can use“snmp-server host” command to designate a host to receive appointed types of traps.

Some traps need to be controlled by other commands. For example, if users want to send SNMP traps when interface is up or down, user should use  “snmp trap link-status”command to activate the link traps in the interface configuration mode ,and use “no snmp trap link –stat” command to shut off these traps.

To receive the traps ,the host must be configured  with “snmp-server host”command.

alter the running parameters of the traps

It is an optional item, and it can designate the source interface generating the traps and the length of message( data packet )queue or the value of retransmission interal for every host.

Users can use optional commands below to alter trap running parameters in the overall configuration mode :

 

command

purpose

snmp-server trap-source interface

designate the source interface. and

the source IP add

snmp-server queue-length length

set the length of message queue for each host.

Default value is 10

snmp-server trap-timeout seconds

Define the retransmission frequency of traps in retransmission queue.

default value is 30 seconds

Configuration Examples

example 1:

snmp-server community public RO

snmp-server community private RW

snmp-server host 192.168.10.2 public

We configure two team strings-“public” and “private”.”Public” has the authority of reading all the MIB variables . While “private” has the Authority of reading and writing all the MIB variables.

Users can use “public”to read the MIB variables of the Router and use“private”to read the MIB variables of the Router and use “private”to write some wirtiable variables.

It designate the Router to use “public” to send traps to “192.16.20.2” when the Router need to send traps also.. For example ,when some interface is down, the Router will send a linkdown trap to “192.168.20.2”.

example 2:

snmp-server community public view sysmib RO

snmp-server community private RW nativehost

snmp-server contact router@company.com.cn

snmp-server host 192.168.10.2 public snmp

snmp-server location 405-room

snmp-server view sysmib system included

ip access-list standard nativehost

permit 192.168.10.2 255.255.255.255

In this example, “public”only has the authority Of reading the MIB variables in system group of the Router. It only permit the host whose IP address is 192.168.10.2 to use”private” to read or write MIB variables of router.

Only send snmp trap to the host”192.168.10.2” and do not send authentication or configure traps.

The contact way should be configure to router@company.com.cn, and location should be configured to 405-room,that is to say, “sysContact” in MIB is router@company.com.cn and  “sysLocation”in MIB is 405-room.