Table of Contents

Chapter 1 SNMP Configuration Commands. 1-1

1.1 SNMP Configuration Commands. 1-1

1.1.1 display snmp-agent 1-1

1.1.2 display snmp-agent community. 1-1

1.1.3 display snmp-agent group. 1-3

1.1.4 display snmp-agent mib-view. 1-4

1.1.5 display snmp-agent statistics. 1-6

1.1.6 display snmp-agent sys-info. 1-8

1.1.7 display snmp-agent usm-user 1-8

1.1.8 enable snmp trap updown. 1-9

1.1.9 snmp-agent 1-10

1.1.10 snmp-agent community. 1-11

1.1.11 snmp-agent group. 1-12

1.1.12 snmp-agent local-engineid. 1-13

1.1.13 snmp-agent mib-view. 1-14

1.1.14 snmp-agent packet max-size. 1-15

1.1.15 snmp-agent sys-info. 1-15

1.1.16 snmp-agent target-host 1-16

1.1.17 snmp-agent trap enable. 1-17

1.1.18 snmp-agent trap life. 1-19

1.1.19 snmp-agent trap queue-size. 1-19

1.1.20 snmp-agent trap source. 1-20

1.1.21 snmp-agent usm-user 1-21

Chapter 2 RMON Configuration Commands. 2-1

2.1 RMON Configuration Commands. 2-1

2.1.1 display rmon alarm.. 2-1

2.1.2 display rmon event 2-2

2.1.3 display rmon eventlog. 2-3

2.1.4 display rmon history. 2-4

2.1.5 display rmon prialarm.. 2-6

2.1.6 display rmon statistics. 2-7

2.1.7 rmon alarm.. 2-9

2.1.8 rmon event 2-10

2.1.9 rmon history. 2-11

2.1.10 rmon prialarm.. 2-12

2.1.11 rmon statistics. 2-14

 

Chapter 1  SNMP Configuration Commands

1.1  SNMP Configuration Commands

1.1.1  display snmp-agent

Syntax

display snmp-agent { local-engineid | remote-engineid }

View

Any view

Parameter

local-engineid: Specifies the local SNMP agent engine.

remote-engineid: Specifies remote SNMP agent engines.

Description

Use the display snmp-agent command to display the local SNMP agent engine ID.

SNMP engine ID identifies an SNMP entity uniquely within an SNMP domain. SNMP engine is an indispensable part of an SNMP entity. It provides the SNMP message allocation, message handling, authentication, and access control.

 

 

Example

# Display the engine ID of the local SNMP agent.

<Sysname> display snmp-agent local-engineid

SNMP local EngineID: 000007DB7F0000013859

1.1.2  display snmp-agent community

Syntax

display snmp-agent community [ read | write ]

View

Any view

Parameter

read: Displays the information of communities with read-only access right.

write: Displays information of communities with read and write access right.

Description

Use the display snmp-agent community command to display the information about SNMPv1 or SNMPv2c communities.

Example

# Display the information about all the current communities.

<Sysname> display snmp-agent community

   Community name:8040zlz

       Group name:8040zlz

       Storage-type: nonVolatile

 

   Community name:8040core

       Group name:8040core

       Storage-type: nonVolatile     

Table 1-1 Descriptions on the fields of the display snmp-agent community command

Field	Description
Community name	Community name
Group name	SNMP group name
Storage-type	Storage type, which could be: volatile: information will be lost if the system is rebooted nonVolatile: Information will not be lost if the system is rebooted permanent: Modification permitted, but deletion forbidden readOnly: read only, that is, no modification, no deletion other: other storage types

 

1.1.3  display snmp-agent group

Syntax

display snmp-agent group [ group-name ]

View

Any view

Parameter

group-name: Specifies the SNMP group name, a string of 1 to 32 characters. Note that SNMP group names are case-sensitive.

Description

Use the display snmp-agent group command to display information for the SNMP agent group, including group name, security model, MIB view, storage type, and so on. Absence of the group-name parameter indicates that information for all groups will be displayed.

Example

# Display the information of all SNMP agent groups.

<Sysname> display snmp-agent group

   Group name: mygroup

       Security model: v1 noAuthnoPriv

       Readview: ViewDefault

       Writeview: <no specified>

       Notifyview :<no specified>

       Storage-type: nonVolatile

 

   Group name: managev3group

       Security model: v3 noAuthnoPriv

       Readview: ViewDefault

       Writeview: internet

       Notifyview :<no specified>

       Storage-type: nonVolatile 

Table 1-2 Descriptions on the fields of the display snmp-agent group command

Field	Description
Group name	SNMP group name
Security model	Security model of the SNMP group, which can be: authPriv (authentication with privacy), authNoPriv (authentication without privacy), or noAuthNoPriv (no authentication no privacy).
Readview	The read only MIB view associated with the SNMP group
Writeview	The writable MIB view associated with the SNMP group
Notifyview	The notify MIB view associated with the SNMP group, the view with entries that can generate Trap messages
Storage-type	Storage type, which includes: volatile, nonvolatile, permanent, readOnly, and other. For detailed information, refer to Table 1-1.

 

1.1.4  display snmp-agent mib-view

Syntax

display snmp-agent mib-view [ exclude | include | viewname view-name ]

View

Any view

Parameter

exclude: Specifies to displays SNMP MIB views of the “excluded" type.

include: Specifies to displays SNMP MIB views of the “included" type.

view-name: Name of the specified MIB view, a string of 1 to 32 characters.

Description

Use the display snmp-agent mib-view command to display SNMP MIB view information. Absence of the view-name parameter indicates that information for all MIB views will be displayed.

Example

# Display the current SNMP MIB views.

<Sysname> display snmp-agent mib-view

   View name:ViewDefault

       MIB Subtree:iso

       Subtree mask:

       Storage-type: nonVolatile

       View Type:included

       View status:active

 

   View name:ViewDefault

       MIB Subtree:snmpUsmMIB

       Subtree mask:

       Storage-type: nonVolatile

       View Type:excluded

       View status:active

 

   View name:ViewDefault

       MIB Subtree:snmpVacmMIB

       Subtree mask:

       Storage-type: nonVolatile

       View Type:excluded

       View status:active

 

   View name:ViewDefault

       MIB Subtree:snmpModules.18

       Subtree mask:

       Storage-type: nonVolatile

       View Type:excluded

       View status:active

Table 1-3 Descriptions on the fields of the display snmp-agent mib-view command

Field	Description
View name	MIB view name
MIB Subtree	MIB subtree
Subtree mask	Subtree mask
Storage-type	Storage type
ViewType: included/excluded	Indicates whether an MIB object can be accessed
View status	The status of MIB view

 

1.1.5  display snmp-agent statistics

Syntax

display snmp-agent statistics

View

Any view

Parameter

None

Description

Use the display snmp-agent statistics command to display SNMP statistics.

Example

# Display the statistics on the current SNMP.

<Sysname> display snmp-agent statistics

  0 Messages delivered to the SNMP entity

  0 Messages which were for an unsupported version

  0 Messages which used a SNMP community name not known

  0 Messages which represented an illegal operation for the community supplied

  0 ASN.1 or BER errors in the process of decoding

  0 Messages passed from the SNMP entity

  0 SNMP PDUs which had badValue error-status

  0 SNMP PDUs which had genErr error-status

  0 SNMP PDUs which had noSuchName error-status

  0 SNMP PDUs which had tooBig error-status (Maximum packet size 1500)

  0 MIB objects retrieved successfully

  0 MIB objects altered successfully

  0 GetRequest-PDU accepted and processed

  0 GetNextRequest-PDU accepted and processed

  0 GetBulkRequest-PDU accepted and processed

  0 GetResponse-PDU accepted and processed

  0 SetRequest-PDU accepted and processed

  0 Trap PDUs accepted and processed

  0 Alternate Response Class PDUs dropped silently

  0 Forwarded Confirmed Class PDUs dropped silently

Table 1-4 Descriptions on the fields of the display snmp-agent statistics command

Field	Description
Messages delivered to the SNMP entity	The number of packets delivered to the SNMP agent
Messages which were for an unsupported version	The number of packets from a device with an SNMP version that is not supported by the current SNMP agent
Messages which used a SNMP community name not known	The number of packets that use an unknown community name
Messages which represented an illegal operation for the community supplied	The number of packets with operations that breach the access right of a community
ASN.1 or BER errors in the process of decoding	The number of packets with decoding errors, such as ASN.1 or BER errors.
Messages passed from the SNMP entity	The number of packets sent by an SNMP agent
SNMP PDUs which had badValue error-status	The number of SNMP PDUs with a badValue error
SNMP PDUs which had genErr error-status	The number of SNMP PDUs with a genErr error
SNMP PDUs which had noSuchName error-status	Number of PDUs with a noSuchName error
SNMP PDUs which had tooBig error-status (Maximum packet size 1500)	Number of PDUs with a tooBig error (the maximum packet size is 1,500)
MIB objects retrieved successfully	Number of MIB objects that have been successfully retrieved
MIB objects altered successfully	The number of MIB objects that have been successfully modified
GetRequest-PDU accepted and processed	The number of get requests that have been processed
GetNextRequest-PDU accepted and processed	The number of getNext requests that have been received and processed
GetBulkRequest-PDU accepted and processed	The number of getBulk requests that have been processed
GetResponse-PDU accepted and processed	The number of get responses that have been processed
SetRequest-PDU accepted and processed	The number of set requests that have been processed
Trap PDUs accepted and processed	The number of Trap messages that have been processed
Alternate Response Class PDUs dropped silently	The number of dropped response packets
Forwarded Confirmed Class PDUs dropped silently	The number of forwarded packets that have been dropped

 

1.1.6  display snmp-agent sys-info

Syntax

display snmp-agent sys-info [ contact | location | version ] *

View

Any view

Parameter

contact: Displays the contact information of the current network administrator.

location: Displays the location information of the current device.

version: Displays the version of the current SNMP agent.

Description

Use the display snmp-agent sys-info command to display the current SNMP system information.

If no keyword is specified, all SNMP agent system information will be displayed.

Example

# Display the current SNMP agent system information.

<Sysname> display snmp-agent sys-info

   The contact person for this managed node:

           R&D Hangzhou, H3C Technologies co.,Ltd.

 

   The physical location of this node:

            Hangzhou China

   SNMP version running in the system:

           SNMPv3  

1.1.7  display snmp-agent usm-user

Syntax

display snmp-agent usm-user [ engineid engineid | username user-name | group group-name ] *

View

Any view

Parameter

engineid: Displays SNMPv3 user information for a specified engine ID.

user-name: Displays SNMPv3 user information for a specified user name, which is case sensitive.

group-name: Displays SNMPv3 user information for a specified SNMP group name, which is case sensitive.

Description

Use the display snmp-agent usm-user command to display SNMPv3 user information.

Example

 # Display SNMPv3 information for the current user aa.

<Sysname> display snmp-agent usm-user aa

   User name: aa

   Group name: mygroupv3

       Engine ID: 800007DB0000000000006877

       Storage-type: nonVolatile

       UserStatus: active

Table 1-5 describes the displayed information above.

Table 1-5 Descriptions on the fields of the display snmp-agent usm-user command

Field	Description
User name	SNMP user name
Group name	SNMP group name
Engine ID	Engine ID for an SNMP entity
Storage-type	Storage type
UserStatus	SNMP user status

 

1.1.8  enable snmp trap updown

Syntax

enable snmp trap updown

undo enable snmp trap updown

View

Ethernet port view

Parameter

None

Description

Use the enable snmp trap updown command to enable the sending of trap messages about port state changes, including linkup/linkdown trap messages.

Use the undo enable snmp trap updown command to disable the sending of SNMP trap messages about port state changes, including linkup/linkdown trap messages.

By default, the sending of trap messages about port state changes is enabled.

Note that, if you want a port to send SNMP trap messages when its port state changes, you must enable the function of sending linkup/linkdown trap messages both in Ethernet port view and system view. Use the enable snmp trap updown command to enable this function in Ethernet port view and use the snmp-agent trap enable [ standard [ linkdown | linkup ] * ] command to enable this function in system view.

Related command: snmp-agent target-host, and snmp-agent trap enable.

Example

Enable the sending of linkup/linkdown SNMP Trap messages on GigabitEthernet1/0/1 and use the community name public.

<Sysname> system-view

[Sysname] snmp-agent trap enable

[Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public

[Sysname] interface GigabitEthernet 1/0/1

[Sysname-GigabitEthernet1/0/1] enable snmp trap updown

1.1.9  snmp-agent

Syntax

snmp-agent

undo snmp-agent

View

System view

Parameter

None

Description

Use the snmp-agent command to enable SNMP agent.

Use the undo snmp-agent command to disable SNMP agent.

By default, SNMP agent is disabled.

Example

# Disable the current SNMP agent.

<Sysname> system-view

[Sysname] undo snmp-agent

1.1.10  snmp-agent community

Syntax

snmp-agent community { read | write } community-name [ acl acl-number | mib-view view-name ] *

undo snmp-agent community community-name

View

System view

Parameter

read: Indicates that the community have read only access right to the MIB objects, that is, the community can only inquire MIB information.

write: Indicates that the community have read and write access right to the MIB objects, that is, the community can configure MIB information.

community-name: Community name, a string of 1 to 32 characters.

view-name: MIB view name, a string of 1 to 32 characters.

acl-number: ACL for the community name, in the range of 2,000 to 2,999.

Description

Use the snmp-agent community command to configure a new SNMP community. Parameters to be configured include access right, community name, ACL, and accessible MIB views.

Use the undo snmp-agent community command to delete a specified community.

The community name configured with this command is only valid for the SNMP v1 and v2c agent.

Example

# Configure a community with the name of comaccess that has read-only access right.

<Sysname> system-view

[Sysname] snmp-agent community read comaccess

# Delete the community comaccess.

[Sysname] undo snmp-agent community comaccess

1.1.11  snmp-agent group

Syntax

The following syntax applies to SNMPv1 and SNMPv2c:

snmp-agent group { v1 | v2c } group-name [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ]

undo snmp-agent group { v1 | v2c } group-name

The following syntax applies to SNMPv3:

snmp-agent group v3 group-name [ authentication | privacy ] [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ]

undo snmp-agent group v3 group-name [ authentication | privacy ]

View

System view

Parameter

v1: Specifies SNMPv1.

v2c: Specifies SNMPv2c.

v3: Specifies SNMPv3.

group-name: Group name, a string of 1 to 32 characters.

group-name: Group name, a string of 1 to 32 characters.

authentication: Specifies the security model of the SNMP group to be authentication only (without privacy).

privacy: Specifies the security model of the SNMP group to be authentication and privacy.

read-view: Read view, a string of 1 to 32 characters.

write-view: Write view, a string of 1 to 32 characters.

notify-view: Notify view, for sending trap messages, a string of 1 to 32 characters.

acl-number: Basic ACL specified by the group name, in the range of 2000 to 2999.

Description

Use the snmp-agent group command to configure a new SNMP group and specify its access right.

Use the undo snmp-agent group command to delete a specified SNMP group.

By default, SNMP groups configured by the snmp-agent group v3 command use a no-authentication-no-privacy security model.

Related Command: snmp-agent mib-view, snmp-agent usm-user.

Example

# Create an SNMPv3 group named group1, without authentication and encryption.

<Sysname> system-view

[Sysname] snmp-agent group v3 group1

1.1.12  snmp-agent local-engineid

Syntax

snmp-agent local-engineid engineid

undo snmp-agent local-engineid

View

System view

Parameter

engineid: Engine ID, an even number of hexadecimal characters, in the range 10 to 64. Its length must not be an odd number, and the all-zero and all-F strings are invalid.

Description

Use the snmp-agent local-engineid command to configure a local engine ID for an SNMP entity.

Use the undo snmp-agent local-engineid command to restore the default local engine ID.

By default, the engine ID of a device is the combination of company ID and device ID. Device ID varies by product; it could be an IP address, a MAC address, or a self-defined hexadecimal number.

Notice that if the newly configured engine ID is not the same as the one used for creating the USM user, the user is invalid.

Related command: snmp-agent usm-user.

Example

# Configure the local engine ID to be 123456789A.

<Sysname> system-view

[Sysname] snmp-agent local-engineid 123456789A

1.1.13  snmp-agent mib-view

Syntax

snmp-agent mib-view { included | excluded } view-name oid-tree [ mask mask-value ]

undo snmp-agent mib-view view-name

View

System view

Parameter

view-name: View name, a string of 1 to 32 characters.

oid-tree: MIB object identifier tree. It can only be an OID string of 1 to 25 characters, such as 1.4.5.3.1, or an object name string, such as “system”. OID is made up of a series of integers, which marks the position of the node in the MIB tree and uniquely identifies an MIB object.

included: Indicates that all the nodes in the MIB tree are included in the current view.

excluded: Indicates that all the nodes in the MIB tree are not included in the current view.

mask-value: Mask for an object tree, in the range 1 to 32 hexadecimal digits.

Description

Use the snmp-agent mib-view command to create or update MIB view information to specify MIB objects that the network management station (NMS) can access.

Use the undo snmp-agent mib-view command to delete the current configuration.

By default, MIB view name is ViewDefault, OID of which is 1.

Related command: snmp-agent group.

Example

# Create a MIB view that includes all objects of mib2.

<Sysname> system-view

[Sysname] snmp-agent mib-view included mib2 1.3.6.1

1.1.14  snmp-agent packet max-size

Syntax

snmp-agent packet max-size byte-count

undo snmp-agent packet max-size

View

System view

Parameter

byte-count: Maximum number of bytes of an SNMP packet that can be received or sent by an agent, in the range of 484 to 17,940. The default value is 1,500 bytes.

Description

Use the snmp-agent packet max-size command to configure the maximum number of bytes in an SNMP packet that can be received or sent by an agent.

Use the undo snmp-agent packet max-size command to restore the default packet size.

Example

# Configure the maximum number of bytes that can be received or sent by an SNMP agent to 1,042 bytes.

<Sysname> system-view

[Sysname] snmp-agent packet max-size 1042

1.1.15  snmp-agent sys-info

Syntax

snmp-agent sys-info { contact sys-contact | location sys-location | version { { v1 | v2c | v3 } *| all } }

undo snmp-agent sys-info { contact | location | version { { v1 | v2c | v3 }* | all } }

View

System view

Parameter

sys-contact: String of 1 to 200 characters that describes the contact information for system maintenance.

sys-location: String of 1 to 200 characters that describes the location of the device.

version: The SNMP version in use.

v1: SNMPv1.

v2c: SNMPv2c.

v3: SNMPv3.

all: Specifies SNMPv1, SNMPv2c, and SNMPv3.

Description

Use the snmp-agent sys-info command to configure system information, including the contact information, the location, and the SNMP version in use.

Use the undo snmp-agent sys-info command to restore the default configuration.

By default, the location information is Hangzhou China, version is SNMPv3, and the contact is R&D Hangzhou, H3C Technologies co.,Ltd.

Related command: display snmp-agent sys-info.

 

 

Example

# Configure the contact information as “Dial System Operator at beeper # 27345”.

<Sysname> system-view

[Sysname] snmp-agent sys-info contact Dial System Operator at beeper # 27345

1.1.16  snmp-agent target-host

Syntax

snmp-agent target-host trap address udp-domain { ip-address | ipv6 ipv6-address } [ udp-port port-number ] params securityname security-string [ v1 | v2c | v3 [ authentication | privacy ] ]

undo snmp-agent target-host { ip-address | ipv6 ipv6-address } securityname security-string

View

System view

Parameter

trap: Specifies the host to be the Trap host.

address: Specifies the IP address of the target host for the SNMP messages.

udp-domain: Indicates that the Trap message is transmitted to the target host using UDP.

ip-address: IPv4 address of the Trap host.

ipv6: Specifies that the target host that receives Trap messages uses the IPv6 address.

ipv6-address: IPv6 address of the Trap host.

port-number: Number of the port that receives Trap packets, in the range of 0 to 65535.

params: Specifies the target host information used for generating SNMP messages.

security-string: SNMPv1 or SNMPv2c community name or SNMPv3 user name, a string of 1 to 32 characters.

v1: Specifies SNMPv1.

v2c: Specifies SNMPv2c.

v3: Specifies SNMPv3.

authentication: Specifies the security model to be authentication without privacy.

privacy: Specifies the security model to be authentication with privacy.

Description

Use the snmp-agent target-host command to configure the related settings for a Trap target host.

Use the undo snmp-agent target-host command to delete the current settings.

Related Command: enable snmp trap updown, snmp-agent trap enable, snmp-agent trap source, and snmp-agent trap life.

Example

# Enable the device to send SNMP Traps to 10.1.1.1, using the community name of “public”.

<Sysname> system-view

[Sysname] snmp-agent trap enable standard

[Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public

1.1.17  snmp-agent trap enable

Syntax

snmp-agent trap enable [ configuration | flash | standard [ authentication | coldstart | linkdown | linkup | warmstart ] * | system ]

undo snmp-agent trap enable [ configuration | flash | standard [ authentication | coldstart | linkdown | linkup | warmstart ] * | system ]

View

System view

Parameter

configuration: Enables the sending of configuration Trap packets.

flash: Enables the sending of FLASH Trap packets.

standard: Enables the sending of standard Trap packets.

authentication: Enables the sending of authentication failure Trap packets in the event of authentication failure.

coldstart: Sends coldstart Trap packets when the device restarts.

linkdown: Sends linkdown Trap packets when the port is down. This keyword is specified globally.

linkup: Sends linkup Trap packets when the port is up. This keyword is specified globally.

warmstart: Sends warmstart Trap packets when the SNMP restarts.

system: Sends H3C-SYS-MAN-MIB (a private MIB) Trap packets.

Description

Use the snmp-agent trap enable command to enable the device to send Traps globally.

Use the undo snmp-agent trap enable command to disable the device from sending Traps.

By default, the device is enabled to send Trap messages of all types.

Note that, if you want a port to send SNMT trap messages when its port state changes, you must enable the function of sending linkup/linkdown trap messages both in Ethernet port view and system view. Use the enable snmp trap updown command to enable this function in Ethernet port view and use the snmp-agent trap enable [ standard [ linkdown | linkup ] * ] command to enable this function in system view.

Related command: snmp-agent target-host, and enable snmp trap updown.

Example

# Enable the device to send SNMP authentication failure packets to 10.1.1.1, using the community name of “public”.

<Sysname> system-view

[Sysname] snmp-agent trap enable standard authentication

[Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public

1.1.18  snmp-agent trap life

Syntax

snmp-agent trap life seconds

undo snmp-agent trap life

View

System view

Parameter

seconds: Time-out time, in the range of 1 to 2,592,000 seconds.

Description

Use the snmp-agent trap life command to configure the life time for Traps, which will be discarded when their life time expires.

Use the undo snmp-agent trap life command to restore the default life time for Trap packets.

By default, the life time for SNMP Traps is 120 seconds.

Related Command: snmp-agent trap enable, snmp-agent target-host.

Example

# Configure the life time for Trap packets as 60 seconds.

<Sysname> system-view

[Sysname] snmp-agent trap life 60

1.1.19  snmp-agent trap queue-size

Syntax

snmp-agent trap queue-size size

undo snmp-agent trap queue-size

View

System view

Parameter

size: The queue size for the Trap messages, in the range of 1 to 1,000.

Description

Use the snmp-agent trap queue-size command to configure the size of the Trap queue.

Use the undo snmp-agent trap queue-size command to restore the default queue size.

By default, up to 100 Trap messages can be stored in the Trap queue.

Related Command: snmp-agent trap enable, snmp-agent target-host, snmp-agent trap life.

Example

# Configure the size of the Trap queue.

<Sysname> system-view

[Sysname] snmp-agent trap queue-size 200

1.1.20  snmp-agent trap source

Syntax

snmp-agent trap source interface-type interface-number

undo snmp-agent trap source

View

System view

Parameter

interface-type interface-number : Interface type and interface number.

Description

Use the snmp-agent trap source command to specify the source IP address sending the Trap message.

Use the undo snmp-agent trap source command to restore the default.

By default, SNMP chooses the IP address of an outgoing interface to be the source IP address of the Trap message.

Use this command to trace a specific event by the source IP address of a Trap message.

Note: Before you can configure the IP address of a particular interface as the source IP address of the Trap message, ensure that the interface already exists and that it has a legal IP address. Otherwise, it is likely that the configurations will either fail or be invalid.

Related Command: snmp-agent trap enable, and snmp-agent target-host.

Example

# Configure the IP address of Vlan-interface 1 to be the source address for Trap messages.

<Sysname> system-view

[Sysname] snmp-agent trap source Vlan-interface 1

1.1.21  snmp-agent usm-user

Syntax

The following syntax applies to SNMPv1 and SNMPv2c:

snmp-agent usm-user { v1 | v2c } user-name group-name [ acl acl-number ]

undo snmp-agent usm-user { v1 | v2c } user-name group-name

The following syntax applies to SNMPv3.

snmp-agent usm-user v3 user-name group-name [ authentication-mode { md5 | sha } auth-password  [ privacy-mode { des56 | aes128 } priv-password ] ] [ acl acl-number ]

undo snmp-agent usm-user v3 user-name group-name { local | engineid engineid-string }

View

System view

Parameter

v1: SNMPv1.

v2c: SNMPv2c.

v3: SNMPv3.

user-name: User name, a case-sensitive string of 1 to 32 characters.

group-name: Group name, a case-sensitive string of 1 to 32 characters.

authentication-mode: Specifies that the security mode is authentication.

md5: Specifies the authentication protocol to be HMAC-MD5-96.

sha: Specifies the authentication protocol to be HMAC-SHA-96.

auth-password: Authentication password, a string of 1 to 64 characters.

privacy: Specifies that the security mode is privacy.

des56: Specifies the privacy protocol to be DES.

aes128: Specifies the privacy protocol to be Advanced Encryption Standard (AES for short).

priv-password: The privacy password, a string of 1 to 64 characters.

acl-number: ACL, in the range of 2,000 to 2,999.

local: Represents a local SNMP entity user.

engineid-string: The engine ID string, an even number (in the range of 10 to 64) of hexadecimal numbers. An odd number of hexadecimal numbers, all-zero, and all-F are all regarded as invalid parameters.

Description

Use the snmp-agent usm-user command to add a user to an SNMP group.

Use the undo snmp-agent usm-user command to delete a user from an SNMP group.

You need to use the remote agent’s engineID during authentication after configuring its users. If the engineID has changed, the associated user becomes invalid.

For SNMPv1 and SNMPv2c, this command means adding of a new SNMP group. For SNMPv3, this command adds a new user to an SNMP group.

Related command: snmp-agent group, snmp-agent community, snmp-agent local-engineid.

Example

# Add a user John to the SNMP group Johngroup. Configure the security model to be authentication, the authentication protocol to be HMAC-MD5-96, and the authentication password to be hello.

<Sysname> system-view

[Sysname] snmp-agent group v3 Johngroup

[Sysname] snmp-agent usm-user v3 John Johngroup authentication-mode md5 hello

 

Chapter 2  RMON Configuration Commands

2.1  RMON Configuration Commands

2.1.1  display rmon alarm

Syntax

display rmon alarm [ entry-number ]

View

Any view

Parameter

entry-number: Index of an RMON alarm entry, in the range 1 to 65535.

Description

Use the display rmon alarm command to display the configuration of the specified or all RMON alarm entries.

If no entry is specified, the configuration of all alarm entries is displayed.

Related command: rmon alarm

Example

# Display the configuration of all RMON alarm table entries.

<Sysname> display rmon alarm

Alarm table 1 owned by user1 is VALID.

  Samples absolute value : 1.3.6.1.2.1.16.1.1.1.4.1 <etherStatsOctets.1>

  Sampling interval         : 10(sec)

  Rising threshold          : 1000(linked with event 1)

  Falling threshold         : 100(linked with event 1)

  When startup enables      : risingOrFallingAlarm

  Latest value              : 0

Table 2-1 Description on the fields of the display rmon alarm command

Field	Description
Alarm table 1	Alarm entry 1
user1	The owner of the entry, user1 in this example
VALID	The entry identified by the index is valid.
Samples absolute value	The object sampled by the absolute value
Sampling interval	Sampling interval
Rising threshold is 1000	Alarm rising threshold is 1000 (When the sampling value is bigger than or equal to this threshold, a rising alarm is triggered.)
Falling threshold is 100	Alarm falling threshold is 100 (When the sampling value is smaller than or equal to this threshold, a falling alarm is triggered.)
When startup enables      : risingOrFallingAlarm	Both rising alarms and falling alarms are enabled.
Latest value	The last sampled value

 

2.1.2  display rmon event

Syntax

display rmon event [ event-entry ]

View

Any view

Parameter

event-entry: Index of an RMON event table, in the range 1 to 65535. If no entry is specified, the configuration of all event entries is displayed.

Description

Use the display rmon event command to display the configuration of the specified or all RMON event entries.

Displayed information includes event index, event owner, event description, action triggered by the event (such as sending log or trap messages), and last time the event occurred (the elapsed time since system initialization/startup) in seconds.

Related command: rmon event.

Example

# Display the configuration of RMON event table.

<Sysname> display rmon event

Event table 1 owned by user1 is VALID.

  Description: null.

  Will cause log-trap when triggered, last triggered at 0days 00h:02m:27s.

Table 2-2 Description on the fields of the display rmon event command

Field	Description
Event table 1	Event entry 1
user1	Owner of the entry
VALID	Entry identified by the index is valid.
Description	Description on this event entry
cause log-trap when triggered	The event will trigger logging and trapping.
last triggered at 0days 00h:02m:27s	Last time the event was triggered

 

2.1.3  display rmon eventlog

Syntax

display rmon eventlog [ event-entry ]

View

Any view

Parameter

event-entry: Index of an event table, in the range 1 to 65535. If no entry is specified, the log information for all event entries is displayed.

Description

Use the display rmon eventlog command to display log information for the specified or all RMON event entries.

Displayed information includes event index, current event state, time the event was logged (the elapsed time in seconds since system initialization/startup), and event description.

Example

# Display the RMON event log information.

<Sysname> display rmon eventlog 1

Event table 1 owned by user1 is VALID.

Generates eventLog 1.1 at 0days 00h:01m:39s.

Description: The 1.3.6.1.2.1.16.1.1.1.4.1 defined in alarm table 1,

less than(or =) 100 with alarm value 0. Alarm sample type is absolute.

Generates eventLog 1.2 at 0days 00h:02m:27s.

Description: The alarm formula defined in private alarm table 1,

less than(or =) 100 with alarm value 0. Alarm sample type is absolute.

Table 2-3 Description on the fields of the display rmon eventlog command

Field	Description
Event table	Event entry
user1	Owner of the entry
VALID	The entry identified by the index is valid
Generates eventLog at	Time the event log was created
Description	Event description

 

2.1.4  display rmon history

Syntax

display rmon history [ interface-type interface-number ]

View

Any view

Parameter

interface-type: Port type.

interface-number: Port number.

Description

Use the display rmon history command to display RMON history control information and last history sampling information, including bandwidth utilization, number of errors, and total packet number.

Related command: rmon history.

Example

# Display RMON history information for GigabitEthernet1/0/1.

<Sysname> display rmon history GigabitEthernet 1/0/1

History control entry 1 owned by user1 is VALID

  Samples interface     : GigabitEthernet1/0/1<ifEntry.642>

  Sampling interval     : 10(sec) with 10 buckets max

  Latest sampled values :

  Dropevents        :0         , octets               :0

  packets           :0         , broadcast packets    :0

  multicast packets :0         , CRC alignment errors :0

  undersize packets :0         , oversize packets     :0

  fragments         :0         , jabbers              :0

  collisions        :0         , utilization          :0

Table 2-4 Description on the fields of the display rmon history command

Field	Description
Samples Interface	The sampled interface
History control entry	Index of the history control entry for the interface, 1 in this example
user1	Owner of the entry
VALID	The entry identified by the index is valid.
Sampling interval	Sampling interval
Buckets max	The maximum history table size for entries. If the buckets value specified in the rmon history command exceeds the capacity of the device for history entries, the displayed filed here is the real capacity of the device for history entries.
Latest sampled values	The latest sampled values
dropevents	Dropped packets during the sampling period
octets	The number of octets received during the sampling period
packet	The number of packets received during the sampling period
broadcastpacket	The number of broadcasts received during the sampling period
multicastpacket	The number of multicasts received during the sampling period
CRC alignment errors	The number of packets received with CRC alignment errors during the sampling period
undersize packets	The number of undersize packets received during the sampling period
oversize packets	The number of oversize packets received during the sampling period
fragments	The number of fragments received during the sampling period
jabbers	The number of jabbers received during the sampling period
collisions	The number of colliding packets received during the sampling period
utilization	Bandwidth utilization during the sampling period

 

2.1.5  display rmon prialarm

Syntax

display rmon prialarm [ entry-number ]

View

Any view

Parameter

entry-number: Private alarm entry index, in the range 1 to 65535. If no entry is specified, the configuration of all private alarm entries is displayed.

Description

Use the display rmon prialarm command to display the configuration of the specified or all private alarm entries.

Related command: rmon prialarm.

Example

# Display the configuration of all private RMON alarm entries.

[Sysname]display rmon prialarm

Prialarm table 2 owned by null is VALID.

  Samples type          : changeratio

  Variable formula      : ((.1.3.6.1.2.1.16.1.1.1.4.1)*100)

  Description           : test

  Sampling interval     : 10(sec)

  Rising threshold      : 50(linked with event 1)

  Falling threshold     : 5(linked with event 2)

  When startup enables  : risingOrFallingAlarm

  This entry will exist : forever

  Latest value          : 0  

Table 2-5 Description on the fields of the display rmon prialarm command

Field	Description
Prialarm table	Index of the prialarm table
owned by	The owner
VALID	The entry corresponding to the index is valid
Samples type	Samples type
Variable formula	Formula for alarm variables
Description	Description on alarm variables
Sampling interval	Sampling interval
Rising threshold          :	Alarm rising threshold. An alarm event is triggered when the sampled value is greater than or equal to this threshold.
Falling threshold         :	Alarm falling threshold. An alarm event is triggered when the sampled valued is less than or equal to this threshold.
linked with event	Event index associated with the alarm
When startup enables      : risingOrFallingAlarm	Alarming type: rising or falling
This entry will exist     :	The lifetime of the entry, which can be forever or span the specified period
Latest value	The last sampled value

 

2.1.6  display rmon statistics

Syntax

display rmon statistics [ interface-type interface-number ]

View

Any view

Parameter

interface-type: Port type.

 interface-number: Port number.

Description

Use the display rmon statistics command to display RMON statistics.

Displayed information includes collisions, CRC alignment errors, undersize/oversize packets, broadcasts, multicasts, received bytes, and received packets.

Related command: rmon statistics.

Example

# Display RMON statistics.

<Sysname> display rmon statistics

Statistics entry 1 owned by user-rmon is VALID.

  Interface : GigabitEthernet1/0/1<ifIndex.2>

  etherStatsOctets         : 384158    , etherStatsPkts          : 4855     

  etherStatsBroadcastPkts  : 1421      , etherStatsMulticastPkts : 733      

  etherStatsUndersizePkts  : 0         , etherStatsOversizePkts  : 0        

  etherStatsFragments      : 0         , etherStatsJabbers       : 0        

  etherStatsCRCAlignErrors : 0         , etherStatsCollisions    : 0        

  etherStatsDropEvents (insufficient resources): 0        

  Packets received according to length:

  64     : 1006      ,  65-127  : 3116      ,  128-255  : 722      

  256-511: 10        ,  512-1023: 1         ,  1024-1518: 0   

Table 2-6 Description on the fields of the display rmon statistics command

Field	Description
Statistics entry 1	Statistics table entry index, 1 in this example
user-rmon	Owner of the entry
VALID	The entry identified by the index is valid.
Interface	Interface on which statistics are gathered
etherStatsOctets	The number of octets received by the port during the statistical period
etherStatsPkts	The number of packets received by the port during the statistical period
etherStatsBroadcastPkts	The number of broadcast packets received by the interface during the statistical period
etherStatsMulticastPkts	The number of multicast packets received by the port during the statistical period
etherStatsUndersizePkts	The number of undersize packets received by the interface during the statistical period
etherStatsOversizePkts	The number of oversize packets received by the port during the statistical period
etherStatsFragments	The number of undersize packets with CRC errors received by the port during the statistical period
etherStatsJabbers	The number of oversize packets with CRC errors received by the interface during the statistical period
etherStatsCRCAlignErrors	The number of packets with CRC errors received on the port during the statistical period
etherStatsCollisions	The number of collisions received on the port during the statistical period
etherStatsDropEvents (insufficient resources)	Total number of drop events received on the port during the statistical period because of insufficient resources
Packets received according to length	Statistics of packets received according to length during the statistical period

 

2.1.7  rmon alarm

Syntax

rmon alarm entry-number alarm-variable sampling-time { absolute | delta } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 [ owner text ]

undo rmon alarm entry-number

View

System view

Parameter

entry-number: Alarm entry index, in the range 1 to 65535.

alarm-variable: Alarm variable, a string of 1 to 256 characters, in dotted object identifier (OID) format, such as 1.3.6.1.2.1.2.1.10.1 (or ifInOctets.1). Only variables that can be parsed into INTEGER (INTEGER, Counter, Gauge, or Time Ticks) in the ASN.1 can be used for the alarm-variable argument.

sampling-time: Sampling interval, in the range 5 to 65,535 seconds.

absolute: Sets the sampling type to absolute.

delta: Sets the sampling type to delta.

threshold-value1: Rising threshold, in the range –2,147,483,648 to 2,147,483,647.

event-entry1: Index of the event triggered when the rising threshold is reached. It ranges from 0 to 65,535.

threshold-value2: Falling threshold, in the range –2,147,483,648 to 2,147,483,647.

event-entry2: Index of the event triggered when the falling threshold is not reached. It ranges from 0 to 65,535.

owner text: Owner of the entry, a string of 1 to 127 characters.

Description

Use the rmon alarm command to create an entry in the RMON alarm table.

Use the undo rmon alarm command to remove the specified entry from the RMON alarm table.

This command defines alarms to trigger alarm events when abnormity happens. Alarm entries trigger logging and sending Trap messages to the NMS.

The following is how the system handles alarm entries:

1)         Sample the alarm variables at the specified interval sampling-time.

2)         Compare the sampled values with the predefined threshold and do the following:

l           If the rising threshold is reached, trigger the event specified by the event-entry1 argument.

l           If the falling threshold is not reached, trigger the event specified by the event-entry2 argument.

 

 

Example

# Add entry 1 in the alarm table and samples the node 1.3.6.1.2.1.16.1.1.1.4.1 at a sampling interval of 10 seconds Generate event 1 when the sampled value is greater than or equal to the rising threshold of 50, and event 2 when the sampled value is lower than or equal to the falling threshold of 5. Set the owner of the entry to be user1.

<Sysname> system-view

[Sysname] rmon event 1 log

[Sysname] rmon event 2 none

[Sysname] interface GigabitEthernet 1/0/1

[Sysname-GigabitEthernet1/0/1] rmon statistics 1

[Sysname-GigabitEthernet1/0/1] quit

[Sysname] rmon alarm 1 1.3.6.1.2.1.16.1.1.1.4.1 10 absolute rising_threshold 50 1 falling_threshold 5 2 owner user1

# Delete the alarm table entry with the index of 15.

<Sysname> system-view

[Sysname] undo rmon alarm 15

2.1.8  rmon event

Syntax

rmon event event-entry [ description string ] { log | trap trap-community | log-trap log-trapcommunity | none } [ owner text ]

undo rmon event event-entry

View

System view

Parameter

event-entry: Event entry index, in the range 1 to 65,535.

description string: Event description, a string of 1 to 127 characters.

log: Logs the event when it occurs.

trap: Sends a trap message when the event occurs.

trap-community: Network management station community to which traps are sent, a string of 1 to 127 characters.

log-trap: Performs both logging and trap sending when the event occurs.

log-trapcommunity: Community name of the network management station that receives the log and trap messages, a string of 1 to 127 characters.

none: Performs no action when the event occurs.

owner text: Owner of the entry, a string of 1 to 127 characters.

Description

Use the rmon event command to create an entry in the RMON event table.

Use the undo rmon event command to remove a specified entry from the RMON event table.

When an event is triggered by its associated alarm in the alarm table, the event group allows you to log it, send a trap, or do both. This helps control the generation and notification of events.

Example

# Create event 10 in the RMON event table.

<Sysname> system-view

[Sysname] rmon event 10 log owner user1

2.1.9  rmon history

Syntax

rmon history entry-number buckets number interval sampling-interval [ owner text ]

undo rmon history entry-number

View

Ethernet port view

Parameter

entry-number: Entry index, in the range 1 to 65535.

buckets number: History table size for the entry, in the range 1 to 65,535.

interval sampling-interval: Sampling interval, in the range 5 to 3600 seconds.

owner text-string: Owner of the entry, a string of 1 to 127 characters.

Description

Use the rmon history command to create an entry in the RMON history control table.

Use the undo rmon history command to remove a specified entry from the RMON history control table.

This command can sample a specific port and set the sampling interval and the maximum history table size for the entry. This command enables RMON to periodically sample and save data (including utilization, number of errors, and total number of packets) for a specific port for later retrieval.

When entries are added, if the specified history table size exceeds the history table size the device supports, new entries can be added. However, the history table size the device supports takes effect.

Related command: display rmon history.

Example

# Create RMON history control entry 1 for interface Ethernet 1/0.

<Sysname> system-view

[Sysname] interface GigabitEthernet 1/0/1

[Sysname-GigabitEthernet 1/0/1] rmon history 1 buckets 10 interval 5 owner user1

# Remove history control entry 1.

<Sysname> system-view

[Sysname] interface GigabitEthernet 1/0/1

[Sysname- GigabitEthernet 1/0/1] undo rmon history 1

2.1.10  rmon prialarm

Syntax

rmon prialarm entry-number prialarm-formula prialarm-des sampling-timer { absolute | changeratio | delta } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 entrytype { forever | cycle cycle-period } [ owner text ]

undo rmon prialarm entry-number

View

System view

Parameter

entry-number: Index of a private alarm entry, in the range 1 to 65535.

prialarm-formula: Private alarm variable formula, a string of 1 to 256 characters. The variables in the formula must be represented in OID format, the formula (.1.3.6.1.2.1.2.1.10.1)*8 for example. You may perform the basic operations of addition, subtraction, multiplication, and division on these variables. The operations should yield a long integer. To prevent errors, make sure that the result of each calculating step falls into the value range for long integers.

prialarm-des: Private alarm entry description, a string of 1 to 127 characters.

sampling-timer: Sampling interval, in the range 10 to 65,535 seconds.

absolute | changeratio | delta : Sets the sampling type to absolute, delta, or change ratio.

threshold-value1: Rising threshold, in the range –2,147,483,648 to 2,147,483,647.

event-entry1: Index of the event triggered when the rising threshold is reached. It ranges from 0 to 65,535.

threshold-value2: Falling threshold, in the range –2,147,483,648 to 2,147,483,647.

event-entry2: Index of the event triggered when the falling threshold is not reached. It ranges from 0 to 65,535.

forever: Indicates that the lifetime of the private alarm entry is infinite.

cycle: Indicates that the lifetime of the private alarm entry is periodical.

cycle-period: Lifetime of the private alarm entry, in the range 0 to 2,147,483,647 seconds.

owner text-string: Specifies the owner of the entry, a string of 1 to 127 characters.

Description

Use the rmon prialarm command to create an entry in the private alarm table of RMON.

Use the undo rmon prialarm command to remove a specific private alarm entry from the private alarm table of RMON.

 

 

The following is how the system handles private alarm entries:

1)         Sample the private alarm variables in the private alarm formula prialarm-formula at the specified sampling interval sampling-timer.

2)         Perform calculation on the sampled values with the formula prialarm-formula.

3)         Compare the calculation result with the predefined thresholds and do the following:

l           If the rising threshold is reached, trigger the event specified by the event-entry1 argument.

l           If the falling threshold is not reached, trigger the event specified by the event-entry2 argument.

Example

# Create entry 2 in the private alarm table, setting its lifetime to forever and owner to user1. Allows to calculate the private alarm variables with the ((.1.3.6.1.2.1.16.1.1.1.4.1)*100) formula and sample them at intervals of 10 seconds. When the change ratio between samples reaches the rising threshold of 50, trigger event 1; when the change ratio drops under the falling threshold of 5, trigger event 2.

<Sysname> system-view

[Sysname] interface GigabitEthernet 1/0/1

[Sysname-GigabitEthernet1/0/1] rmon statistics 1

[Sysname-GigabitEthernet1/0/1] quit

[Sysname] rmon prialarm 2 ((.1.3.6.1.2.1.16.1.1.1.4.1)*100) test 10 changeratio rising-threshold 50 1 falling-threshold 5 2 entrytype forever owner user1

# Remove private alarm entry 10 from the private alarm table.

<Sysname> system-view

[Sysname] undo rmon prialarm 10

2.1.11  rmon statistics

Syntax

rmon statistics entry-number [ owner text]

undo rmon statistics entry-number

View

Ethernet port view

Parameter

entry-number: Index of an entry, in the range 1 to 65535.

owner text: Specifies the owner of the entry, a string of 1 to 127 characters.

Description

Use the rmon statistics command to create an entry in the RMON statistics table.

Use the undo rmon statistics command to remove a specified entry from the RMON statistics table.

The RMON statistics group collects information on how a monitored port is being used and records errors. Statistics include number of collisions, CRC alignment errors, number of undersize or oversize packets, number of broadcasts, number of multicasts, number of bytes received, number of packets received.

To display information for the RMON statistics table, use the display rmon statistics command.

Example

# Create entry 20 in the RMON statistics table for GigabitEthernet1/0/1.

<Sysname> system-view

[Sysname] interface GigabitEthernet1/0/1

[Sysname-GigabitEthernet1/0/1] rmon statistics 20 owner user1