1.1 SNMP
Overview
Simple Network Management Protocol (SNMP) offers a framework to
monitor network devices through TCP/IP protocol suite. It provides a set of
basic operations in monitoring and maintaining the Internet and has the
following characteristics:
l
Automatic network management: SNMP enables
network administrators to search and modify information, find and diagnose
network problems, plan for network growth, and generate reports on network
nodes.
l
SNMP shields the physical differences between
various devices and thus realizes automatic management of products from different
manufacturers. Offering only the basic set of functions, SNMP makes the
management tasks independent of both the physical features of the managed
devices and the underlying networking technology. Thus, SNMP achieves effective
management of devices from different manufacturers, especially in small,
high-speed and low cost network environments.
Figure
1-1 Network diagram for configuring SNMPv2c to
monitor and manage a switch
l
The Network Management Station (NMS) connects to
the agent, a switch, through an Ethernet.
l
The IP address of the NMS is 1.1.1.2/24.
l
The IP address of VLAN interface on the switch
is 1.1.1.1/24.
l
NMS monitors and manages Agent using SNMPv2c.
Agent reports errors or faults to the NMS.
|
Product series
|
Software version
|
Hardware version
|
|
S3610
Series Ethernet Switches
|
Release
5301
|
All
versions
|
|
S5510
Series Ethernet Switches
|
Release
5301
|
All
versions
|
|
S5500-SI
Series Ethernet Switches
|
Release
1207
|
All versions except S5500-20TP-SI
|
|
Release
1301
|
S5500-20TP-SI
|
|
S5500-EI
Series Ethernet Switches
|
Release
2102
|
All
versions
|
|
S7500E
Series Ethernet Switches
|
Release
6100
|
All
versions
|
l
Configure Agent
# Configure
the SNMP basic information, including version and community name.
<Sysname>
system-view
[Sysname] snmp-agent
sys-info version v2c
[Sysname] snmp-agent
community read public
[Sysname] snmp-agent
community write private
# Configure
VLAN-interface 2 (with the IP address of 1.1.1.1/24). Add the port
GigabitEthernet 1/0/1 to VLAN 2.
[Sysname] vlan
2
[Sysname-vlan2]
port GigabitEthernet 1/0/1
[Sysname-vlan2]
quit
[Sysname] interface
vlan-interface 2
[Sysname-Vlan-interface2]
ip address 1.1.1.1 255.255.255.0
[Sysname-Vlan-interface2]
quit
# Configure
the contact person and physical location information of the switch.
[Sysname] snmp-agent
sys-info version all
[Sysname]
snmp-agent sys-info contact Mr.Chen-Tel:5651
[Sysname]
snmp-agent sys-info location telephone-closet,3rd-floor
# Enable the
sending of traps to the NMS with an IP address of 1.1.1.2/24, using public
as the community name.
[Sysname] snmp-agent
trap enable
[Sysname] snmp-agent
target-host trap address udp-domain 1.1.1.2 udp-port 5000 params securityname public
l
Configure SNMP NMS (refer to NMS manuals for
detailed configurations)
#Select
SNMPv2c; configure public as the read only community name, private
as the read and write community name; specify 161 as the SNMP port number.
# In order to
receive traps sent from Agent, set the number of inbound port for traps on the
NMS to 5000, which is the same with that configured using the command line on
Agent.
# Upon the
above configurations, the NMS can monitor and manage the switch remotely; and
the switch will send traps to the NMS in case of failures or errors.
#
interface
Vlan-interface2
ip
address 1.1.1.1 255.255.255.0
#
interface
GigabitEthernet1/0/1
port
access vlan 2
#
snmp-agent
snmp-agent
local-engineid 800063A20300E0FC123456
snmp-agent
community read public
snmp-agent
community write private
snmp-agent
sys-info contact Mr.Chen-Tel:5651
snmp-agent
sys-info location telephone-closet,2rd-floor
snmp-agent
sys-info version all
snmp-agent
target-host trap address udp-domain 1.1.1.2 udp-port 5000 params securityname
public
#
Follow these guidelines when configuring
SNMPv2c to monitor and manage a switch:
1)
The user can inquire and configure the device
through the NMS (like Quidview), and refer to NMS manuals for detailed
configurations.
2)
The configurations on the agent and the NMS must
match.
Figure
1-2 Network diagram for configuring SNMPv3 to
monitor and manage a switch
l
The NMS connects to the agent, a switch, through
an Ethernet.
l
The IP address of the NMS is 1.1.1.2/24.
l
The IP address of the VLAN interface on the
switch is 1.1.1.1/24.
l
NMS monitors and manages Agent using SNMPv3.
Agent reports errors or faults to the NMS. The inbound port for traps on the
NMS is 5000.
|
Product series
|
Software version
|
Hardware version
|
|
S3610
Series Ethernet Switches
|
Release
5301
|
All
versions
|
|
S5510
Series Ethernet Switches
|
Release
5301
|
All
versions
|
|
S5500-SI
Series Ethernet Switches
|
Release
1207
|
All versions except S5500-20TP-SI
|
|
Release
1301
|
S5500-20TP-SI
|
|
S5500-EI
Series Ethernet Switches
|
Release
2102
|
All
versions
|
|
S7500E
Series Ethernet Switches
|
Release
6100
|
All
versions
|
1)
Configure Agent
# Configure the access right.
<Sysname>
system-view
[Sysname] undo
snmp-agent mib-view ViewDefault
[Sysname] snmp-agent
mib-view included test interfaces
[Sysname] snmp-agent
group v3 managev3group read-view test write-view test
[Sysname] snmp-agent
usm-user v3 managev3user managev3group
# Configure the contact person and physical
location information of the switch.
[Sysname]
snmp-agent sys-info contact Mr.Chen-Tel:5651
[Sysname]
snmp-agent sys-info location telephone-closet,2rd-floor
# Configure VLAN-interface 2 (with the IP
address of 1.1.1.1/24). Add the port GigabitEthernet 1/0/1 to VLAN 2.
[Sysname] vlan
2
[Sysname-vlan2]
port GigabitEthernet 1/0/1
[Sysname-vlan2]
quit
[Sysname] interface
vlan-interface 2
[Sysname-Vlan-interface2]
ip address 1.1.1.1 255.255.255.0
[Sysname-Vlan-interface2]
quit
# Configure the IP address of the
VLAN-interface 2 as the source address of traps.
[Sysname] snmp-agent
trap source Vlan-interface 2
# Enable sending of traps to the NMS with an
IP address of 1.1.1.2/24, using public as the community name.
[Sysname]
snmp-agent trap enable
[Sysname]
snmp-agent target-host trap address udp-domain 1.1.1.2 udp-port 5000 params
securityname public
2)
Configure NMS
SNMPv3 uses authentication and privacy security
model. In NMS, the user needs to specify username and security level, and based
on that level, configure the authentication mode, authentication password,
privacy mode, and privacy password. In addition, the timeout time and number of
retries should also be configured. The user can inquire and configure the
device through NMS, and refer to NMS manuals for detailed configurations.
1.3.5 Complete
Configuration
#
interface
Vlan-interface2
ip
address 1.1.1.1 255.255.255.0
#
interface
GigabitEthernet1/0/1
port
access vlan 2
#
snmp-agent
snmp-agent
local-engineid 800063A20300E0FC123456
snmp-agent
sys-info contact Mr.Chen-Tel:5651
snmp-agent
sys-info location telephone-closet,2rd-floor
snmp-agent
sys-info version v3
snmp-agent
group v3 managev3group read-view test write-view test
snmp-agent
target-host trap address udp-domain 1.1.1.2 udp-port 5000 params securityname
public
snmp-agent
mib-view included test interfaces
snmp-agent
usm-user v3 managev3user managev3group
snmp-agent
trap source Vlan-interface2
Follow these guidelines when configuring
SNMPv3 to monitor and manage a switch:
1)
The user can inquire and configure the device
through the NMS, and refer to NMS manuals for detailed configurations.
2)
The configurations on the agent and the NMS must
match.
Figure
1-3 Network diagram for SNMP logging
Configure to output the logs of GET and SET
operations of NMS on Agent to the terminal through the channel Console.
1.4.3 Applicable Product Matrix
|
Product
series
|
Software
version
|
Hardware
version
|
|
S3610 Series Ethernet Switches
|
Release 5301
|
All versions
|
|
S5510 Series Ethernet Switches
|
Release 5301
|
All versions
|
|
S5500-SI Series Ethernet Switches
|
Release 1207
|
All versions except S5500-20TP-SI
|
|
Release 1301
|
S5500-20TP-SI
|
|
S5500-EI
Series Ethernet Switches
|
Release
2102
|
All
versions
|
|
S7500E
Series Ethernet Switches
|
Release
6100
|
All
versions
|
# Enable
logging display on the terminal. (This function is enabled by default, so that
you can omit this configuration).
<Sysname>
terminal monitor
<Sysname>
terminal logging
# Enable the
information center to output the system information with the severity level
equal to or higher than informational to the console port.
<Sysname>
system-view
[Sysname] info-center
source snmp channel console log level informational
# Enable
SNMP logging on Agent to log the GET and SET operations of NMS.
[Sysname] snmp-agent
log get-operation
[Sysname] snmp-agent
log set-operation
l
The following log information is displayed on
the terminal when NMS performs the GET operation on Agent.
%Sep 9
02:49:40:566 2007 Sysname SNMP/6/GET:
seqNO =
<10> srcIP = <1.1.1.2> op = <get> node =
<sysName(1.3.6.1.2.1.1.5.0)> value=<>
l
The following log information is displayed on
the terminal when NMS performs the SET operation on Agent.
%Sep 9
02:59:42:576 2007 Sysname SNMP/6/SET:
seqNO =
<11> srcIP = <1.1.1.2> op = <set> errorIndex = <0>
errorStatus =<noError> node = <sysName(1.3.6.1.2.1.1.5.0)> value =
<Sysname>
#
info-center
source SNMP channel 0
#
interface
Vlan-interface2
ip
address 1.1.1.1 255.255.255.0
#
interface
GigabitEthernet1/0/1
port
access vlan 2
#
snmp-agent
snmp-agent
local-engineid 800063A20300E0FC123456
snmp-agent
community read public
snmp-agent
community write private
snmp-agent
log all
snmp-agent
sys-info version all
Follow these guidelines when configuring
SNMP logging:
1)
The system information of the information center
can be output to the terminal or to the log buffer. In this example, SNMP log
is output to the terminal. For configuration of SNMP log output to other
destinations, see the Information Center section in the Operation
Manual of your product.
2)
Successful output of logs to the terminal
requires the GET and SET operations of NMS on Agent.
3)
Logs occupy storage space of the device, thus
affecting the performance of the device. Therefore, it is recommended to
disable SNMP logging.
