Field	Description
Community name	Community name. l If a community name is created by using the snmp-agent community command, the community name will be displayed. l If a community name is created by using the snmp-agent usm-user { v1 \| v2c } command, the user name will be displayed.
Group name	SNMP group name. l If a community name is created by using the snmp-agent community command, the group name and the community name are the same, which means the community name will be displayed. l If a community name is created by using the snmp-agent usm-user { v1 \| v2c } command, the name of the group to which the user belongs will be displayed.
Acl	The number of the ACL in use. After an ACL is configured, only the Network Management Station (NMS) with the IP address that matches the ACL rule can access the device.
Storage-type	Storage type, which could be: l volatile: Information will be lost if the system is rebooted l nonVolatile: Information will not be lost if the system is rebooted l permanent: Information will not be lost if the system is rebooted. Modification is permitted, but deletion is forbidden l readOnly: Information will not be lost if the system is rebooted. Read only, that is, no modification, no deletion l other: Other storage types

display snmp-agent group

Syntax

display snmp-agent group [ group-name ]

View

Any view

Default Level

1: Monitor level

Parameters

group-name: Specifies the SNMP group name, a string of 1 to 32 characters, case sensitive.

Description

Use the display snmp-agent group command to display information for the SNMP agent group, including group name, security model, MIB view, storage type, and so on. Absence of the group-name parameter indicates that information for all groups will be displayed.

Examples

# Display the information of all SNMP agent groups.

<Sysname> display snmp-agent group

Group name: groupv3

Security model: v3 noAuthnoPriv

Readview: ViewDefault

Writeview: <no specified>

Notifyview: <no specified>

Storage-type: nonVolatile

Table 1-2 display snmp-agent group command output description

Field	Description
Group name	SNMP group name
Security model	Security model of the SNMP group, which can be: authPriv (authentication with privacy), authNoPriv (authentication without privacy), or noAuthNoPriv (no authentication no privacy).
Readview	The read only MIB view associated with the SNMP group
Writeview	The writable MIB view associated with the SNMP group
Notifyview	The notify MIB view associated with the SNMP group, the view with entries that can generate traps
Storage-type	Storage type, which includes: volatile, nonVolatile, permanent, readOnly, and other. For detailed information, refer to Table 1-1.

display snmp-agent local-engineid

Syntax

display snmp-agent local-engineid

View

Any view

Default Level

1: Monitor level

Parameters

None

Description

Use the display snmp-agent local-engineid command to display the local SNMP agent engine ID.

SNMP engine ID identifies an SNMP entity uniquely within an SNMP domain. SNMP engine is an indispensable part of an SNMP entity. It provides the SNMP message allocation, message handling, authentication, and access control.

Examples

# Display the local SNMP agent engine ID.

<Sysname> display snmp-agent local-engineid

SNMP local EngineID: 800007DB7F0000013859

display snmp-agent mib-view

Syntax

display snmp-agent mib-view [ exclude | include | viewname view-name ]

View

Any view

Default Level

1: Monitor level

Parameters

exclude: Displays MIB view information of the excluded type.

include: Displays MIB view information of the included type.

viewname view-name: Displays MIB view information with a specified MIB view name, where view-name is the name of the specified MIB view.

Description

Use the display snmp-agent mib-view command to display MIB view information. Absence of parameters indicates that information for all MIB views will be displayed.

Examples

# Display all SNMP MIB views of the device.

<Sysname> display snmp-agent mib-view

View name:ViewDefault

MIB Subtree:iso

Subtree mask:

Storage-type: nonVolatile

View Type:included

View status:active

View name:ViewDefault

MIB Subtree:snmpUsmMIB

Subtree mask:

Storage-type: nonVolatile

View Type:excluded

View status:active

View name:ViewDefault

MIB Subtree:snmpVacmMIB

Subtree mask:

Storage-type: nonVolatile

View Type:excluded

View status:active

View name:ViewDefault

MIB Subtree:snmpModules.18

Subtree mask:

Storage-type: nonVolatile

View Type:excluded

View status:active

ViewDefault is the default view of the device. When you access the device through the ViewDefault view, you can access all the MIB objects of the iso subtree except for the MIB objects under the snmpUsmMIB, snmpVacmMIB, and snmpModules.18 subtrees.

Table 1-3 display snmp-agent mib-view command output description

Field	Description
View name	MIB view name
MIB Subtree	MIB subtree corresponding to the MIB view
Subtree mask	MIB subtree mask
Storage-type	Storage type
View Type	View type, which can be included or excluded: l Included indicates that all nodes of the MIB tree are included in current view, namely, you are allowed to access all the MIB objects of the subtree l Excluded indicates that none of the nodes of the MIB tree are included in current view, namely, you are allowed to access none of the MIB objects of the subtree
View status	The status of MIB view

display snmp-agent statistics

Syntax

display snmp-agent statistics

View

Any view

Default Level

1: Monitor level

Parameters

None

Description

Use the display snmp-agent statistics command to display SNMP statistics.

Examples

# Display the statistics on the current SNMP.

<Sysname> display snmp-agent statistics

1684 Messages delivered to the SNMP entity

5 Messages which were for an unsupported version

0 Messages which used a SNMP community name not known

0 Messages which represented an illegal operation for the community supplied

0 ASN.1 or BER errors in the process of decoding

1679 Messages passed from the SNMP entity

0 SNMP PDUs which had badValue error-status

0 SNMP PDUs which had genErr error-status

0 SNMP PDUs which had noSuchName error-status

0 SNMP PDUs which had tooBig error-status (Maximum packet size 1500)

16544 MIB objects retrieved successfully

2 MIB objects altered successfully

7 GetRequest-PDU accepted and processed

7 GetNextRequest-PDU accepted and processed

1653 GetBulkRequest-PDU accepted and processed

1669 GetResponse-PDU accepted and processed

2 SetRequest-PDU accepted and processed

0 Trap PDUs accepted and processed

0 Alternate Response Class PDUs dropped silently

0 Forwarded Confirmed Class PDUs dropped silently

Table 1-4 display snmp-agent statistics command output description

Field	Description
Messages delivered to the SNMP entity	Number of packets delivered to the SNMP agent
Messages which were for an unsupported version	Number of packets from a device with an SNMP version that is not supported by the current SNMP agent
Messages which used a SNMP community name not known	Number of packets that use an unknown community name
Messages which represented an illegal operation for the community supplied	Number of packets carrying an operation that the community has no right to perform
ASN.1 or BER errors in the process of decoding	Number of packets with ASN.1 or BER errors in the process of decoding
Messages passed from the SNMP entity	Number of packets sent by the SNMP agent
SNMP PDUs which had badValue error-status	Number of SNMP PDUs with a badValue error
SNMP PDUs which had genErr error-status	Number of SNMP PDUs with a genErr error
SNMP PDUs which had noSuchName error-status	Number of PDUs with a noSuchName error
SNMP PDUs which had tooBig error-status (Maximum packet size 1500)	Number of PDUs with a tooBig error (the maximum packet size is 1,500 bytes)
MIB objects retrieved successfully	Number of MIB objects that have been successfully retrieved
MIB objects altered successfully	Number of MIB objects that have been successfully modified
GetRequest-PDU accepted and processed	Number of get requests that have been received and processed
GetNextRequest-PDU accepted and processed	Number of getNext requests that have been received and processed
GetBulkRequest-PDU accepted and processed	Number of getBulk requests that have been received and processed
GetResponse-PDU accepted and processed	Number of get responses that have been received and processed
SetRequest-PDU accepted and processed	Number of set requests that have been received and processed
Trap PDUs accepted and processed	Number of traps that have been received and processed
Alternate Response Class PDUs dropped silently	Number of dropped response packets
Forwarded Confirmed Class PDUs dropped silently	Number of forwarded packets that have been dropped

display snmp-agent sys-info

Syntax

display snmp-agent sys-info [ contact | location | version ] *

View

Any view

Default Level

1: Monitor level

Parameters

contact: Displays the contact information of the current network administrator.

location: Displays the location information of the current device.

version: Displays the version of the current SNMP agent.

Description

Use the display snmp-agent sys-info command to display the current SNMP system information.

If no keyword is specified, all SNMP agent system information will be displayed.

Examples

# Display the current SNMP agent system information.

<Sysname> display snmp-agent sys-info

The contact person for this managed node:

Hangzhou H3C Technologies Co., Ltd.

The physical location of this node:

Hangzhou, China

SNMP version running in the system:

SNMPv3

display snmp-agent trap queue

Syntax

display snmp-agent trap queue

View

Any view

Default Level

1: Monitor level

Parameters

None

Description

Use the display snmp-agent trap queue command to display basic information of the trap queue, including trap queue name, queue length and the number of traps in the queue currently.

Related commands: snmp-agent trap life, snmp-agent trap queue-size.

Examples

# Display the current configuration and usage of the trap queue.

<Sysname> display snmp-agent trap queue

Queue name: SNTP

Queue size: 100

Message number: 6

Table 1-5 display snmp-agent trap queue command output description

Field	Description
Queue name	Trap queue name
Queue size	Trap queue size
Message number	Number of traps in the current trap queue

display snmp-agent trap-list

Syntax

display snmp-agent trap-list

View

Any view

Default Level

1: Monitor level

Parameters

None

Description

Use the display snmp-agent trap-list command to display the modules that can generate traps and whether their trap function is enabled or not. If a module comprises multiple sub-modules, then as long as one sub-module has the trap function enabled, the whole module will be displayed as being enabled with the trap function.

Related commands: snmp-agent trap enable.

Examples

# Display the modules that can generate traps and whether their trap function is enabled or not.

<Sysname> display snmp-agent trap-list

configuration trap enable

flash trap enable

standard trap enable

system trap enable

Enable traps: 4; Disable traps: 0

In the above output, enable indicates that the module is allowed to generate traps whereas disable indicates the module is not allowed to generate traps. You can configure the trap function (enable or disable) of each module through command lines.

display snmp-agent usm-user

Syntax

display snmp-agent usm-user [ engineid engineid | username user-name | group group-name ] *

View

Any view

Default Level

1: Monitor level

Parameters

engineid engineid: Displays SNMPv3 user information for a specified engine ID, where engineid indicates the SNMP engine ID.

username user-name: Displays SNMPv3 user information for a specified user name. It is case sensitive.

group group-name: Displays SNMPv3 user information for a specified SNMP group name. It is case sensitive.

Description

Use the display snmp-agent usm-user command to display SNMPv3 user information.

Examples

# Display SNMPv3 information of all created users.

<Sysname> display snmp-agent usm-user

User name: userv3

Group name: mygroupv3

Engine ID: 800063A203000FE240A1A6

Storage-type: nonVolatile

UserStatus: active

User name: userv3code

Group name: groupv3code

Engine ID: 800063A203000FE240A1A6

Storage-type: nonVolatile

UserStatus: active

Table 1-6 display snmp-agent usm-user command output description

Field	Description
User name	SNMP user name
Group name	SNMP group name
Engine ID	Engine ID for an SNMP entity
Storage-type	Storage type, which can be the following: l volatile l nonvolatile l permanent l readOnly l other See Table 1-1 for details.
UserStatus	SNMP user status

enable snmp trap updown

Syntax

enable snmp trap updown

undo enable snmp trap updown

View

Interface view

Default Level

2: System level

Parameters

None

Description

Use the enable snmp trap updown command to enable the trap function for interface state changes.

Use the undo enable snmp trap updown command to disable the trap function for interface state changes.

By default, the trap function for interface state changes is enabled.

Note that:

To enable an interface to generate linkUp/linkDown traps when its state changes, you need to enable the linkUp/linkDown trap function on the interface and globally. Use the enable snmp trap updown command to enable this function on an interface, and use the snmp-agent trap enable [ standard [ linkdown | linkup ] * ] command to enable this function globally.

Related commands: snmp-agent target-host, snmp-agent trap enable.

Examples

# Enable the sending of linkUp/linkDown SNMP traps on port GigabitEthernet 1/1/1 and use the community name public.

<Sysname> system-view

[Sysname] snmp-agent trap enable

[Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public

[Sysname] interface GigabitEthernet 1/1/1

[Sysname-GigabitEthernet1/1/1] enable snmp trap updown

snmp-agent

Syntax

snmp-agent

undo snmp-agent

View

System view

Default Level

3: Manage level

Parameters

None

Description

Use the snmp-agent command to enable SNMP agent.

Use the undo snmp-agent command to disable SNMP agent.

By default, SNMP agent is disabled.

You can enable SNMP agent through any commands that begin with snmp-agent.

Examples

# Enable SNMP agent on the device.

<Sysname> system-view

[Sysname] snmp-agent

snmp-agent calculate-password

Syntax

snmp-agent calculate-password plain-password mode { 3desmd5 | 3dessha | md5 | sha } { local-engineid | specified-engineid engineid }

View

System view

Default Level

3: Manage level

Parameters

plain-password: Plain text password to be encrypted.

mode: Specifies the encryption algorithm and authentication algorithm. The three encryption algorithms Advanced Encryption Standard (AES), triple data encryption standard (3DES), and Data Encryption Standard (DES) are in descending order in terms of security. Higher security means more complex implementation mechanism and lower speed. DES is enough to meet general requirements. Message-Digest Algorithm 5 (MD5) and Secure Hash Algorithm (SHA-1) are the two authentication algorithms. MD5 is faster than SHA-1, while SHA-1 provides higher security than MD5.

l 3desmd5: Converts a plain text encryption password to a cipher text encryption password. In this case, the authentication protocol must be MD5, and the encryption algorithm must be 3DES.

l 3dessha: Converts a plain text encryption password to a cipher text encryption password. In this case, the authentication protocol must be SHA-1, and the encryption algorithm must be 3DES.

l md5: Converts a plain text authentication password to a cipher text authentication password. In this case, the authentication protocol must be MD5. Or, this algorithm can convert the plain text encryption password to a cipher text encryption password, In this case, the authentication protocol must be MD5, and the encryption algorithm can be either AES or DES (when the authentication protocol is specified as MD5, cipher text passwords are the same by using the encryption algorithms AES and DES).

l sha: Converts the plain text authentication password to a cipher text authentication password. In this case, the authentication protocol must be SHA-1. Or, this algorithm can convert the plain text encryption password to a cipher text encryption password, In this case, the authentication protocol must be SHA-1, and the encryption algorithm can be either AES or DES (when the authentication protocol is specified as SHA-1, cipher text passwords are the same by using the encryption algorithms AES and DES).

local-engineid: Uses local engine ID to calculate cipher text password. For engine ID-related configuration, refer to the snmp-agent local-engineid command.

specified-engineid: Uses user-defined engine ID to calculate cipher text password.

engineid: The engine ID string, an even number of hexadecimal characters, in the range 10 to 64. Its length must not be an odd number, and the all-zero and all-F strings are invalid.

Description

Use the snmp-agent calculate-password command to convert the user-defined plain text password to a cipher text password.

Note that:

l The cipher text password converted with the sha keyword specified in this command is a string of 40 hexadecimal characters. For an authentication password, all of the 40 hexadecimal characters are valid; while for a privacy password, only the first 32 hexadecimal characters are valid.

l Enable SNMP on the device before executing the command.

When creating an SNMPv3 user, if you specify to use the cipher text authentication/encryption password, you can use this command to generate a cipher text password.

The converted password is associated with the engine ID, namely, the password is valid only under the specified engine ID based on which the password was configured.

Related commands: snmp-agent usm-user v3.

Examples

# Use local engine ID and MD5 authentication protocol to convert the plain text password authkey.

<Sysname> system-view

[Sysname] snmp-agent calculate-password authkey mode md5 local-engineid

The secret key is: 09659EC5A9AE91BA189E5845E1DDE0CC

snmp-agent community

Syntax

snmp-agent community { read | write } community-name [ acl acl-number | mib-view view-name ] *

undo snmp-agent community { read | write } community-name

View

System view

Default Level

3: Manage level

Parameters

read: Indicates that the community has read only access right to the MIB objects; that is, the NMS can perform read-only operations when it uses this community name to access the agent.

write: Indicates that the community has read and write access right to the MIB objects; that is, the NMS can perform read and write operations when it uses this community name to access the agent.

community-name: Community name, a string of 1 to 32 characters.

acl acl-number: Associates a basic ACL with the community name. acl-number is in the range 2,000 to 2,999. By using an ACL, you can configure to allow or prohibit the access to the agent from the NMS with the specified source IP address.

mib-view view-name: Specifies the MIB view name associated with community-name, where view-name represents the MIB view name, a string of 1 to 32 characters. If no keyword is specified, the default view is ViewDefault (The view created by the system after SNMP agent is enabled).

Description

Use the snmp-agent community command to create a new SNMP community. Parameters to be configured include access right, community name, ACL, and accessible MIB views.

Use the undo snmp-agent community command to delete a specified community.

The community name configured with this command is only valid for the SNMP v1 and v2c agent.

A community is composed of NMSs and SNMP agents, and is identified by the community name, which functions as a password. In a community, when devices communicate with each other, they use community name for authentication. The NMS and the SNMP agent can access each other only when they are configured with the same community name. Typically, public is used as the read-only community name, and private is used as the read and write community name. For security purposes, you are recommended to configure a community name other than public and private.

l The keyword acl specifies that only the NMS with a qualified IP address can access the agent.

l The argument community-name specifies the community name used by the NMS when it accesses the agent.

l The keyword mib-view specifies the MIB objects which the NMS can access.

l The keywords read and write specify the access type.

Related commands: snmp-agent mib-view.

Examples

# Create a community with the name of readaccess, allowing read-only access right using this community name.

<Sysname> system-view

[Sysname] snmp-agent sys-info version v1 v2c

[Sysname] snmp-agent community read readaccess

l Set the SNMP version on the NMS to SNMPv1 or SNMPv2c

l Fill in the read-only community name readaccess

l Establish a connection, and the NMS can perform read-only operations to the MIB objects in the ViewDefault view on the device

# Create a community with the name of writeaccess, allowing only the NMS with the IP address of 1.1.1.1 to configure the values of the agent MIB objects by using this community name; other NMSs are not allowed to perform the write operations by using this community name.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0

[Sysname-acl-basic-2001] rule deny source any

[Sysname-acl-basic-2001] quit

[Sysname] snmp-agent sys-info version v2c

[Sysname] snmp-agent community write writeaccess acl 2001

l Set the IP address of the NMS to 1.1.1.1

l Set the SNMP version on the NMS to SNMPv2c

l Fill in the write community name writeaccess; namely, the NMS can perform read-only operations to the MIB objects in the ViewDefault view on the device

# Create a community with the name of wr-sys-acc. The NMS can perform the read and write operations to the MIB objects of the system subtree (with the OID of 1.3.6.1.2.1.1).

<Sysname> system-view

[Sysname] snmp-agent sys-info version v1 v2c

[Sysname] snmp-agent mib-view included test system

[Sysname] snmp-agent community write wr-sys-acc mib-view system

l Set the SNMP version on the NMS to SNMPv1 or SNMPv2c

l Fill in the write community name wr-sys-acc

l Establish a connection, and the NMS can perform read and write operations to the MIB objects in system view on the device

snmp-agent group

Syntax

The following syntax applies to SNMPv1 and SNMP v2c:

snmp-agent group { v1 | v2c } group-name [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ]

undo snmp-agent group { v1 | v2c } group-name

The following syntax applies to SNMPv3:

snmp-agent group v3 group-name [ authentication | privacy ] [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ]

undo snmp-agent group v3 group-name [ authentication | privacy ]

View

System view

Default Level

3: Manage level

Parameters

v1: SNMPv1.

v2c: SNMPv2c.

v3: SNMPv3.

group-name: Group name, a string of 1 to 32 characters.

authentication: Specifies the security model of the SNMP group to be authentication only (without privacy).

privacy: Specifies the security model of the SNMP group to be authentication and privacy.

read-view read-view: Read view, a string of 1 to 32 characters. The default read view is ViewDefault.

write-view write-view: Write view, a string of 1 to 32 characters. By default, no write view is configured, namely, the NMS cannot perform the write operations to all MIB objects on the device.

notify-view notify-view: Notify view, for sending traps, a string of 1 to 32 characters. By default, no notify view is configured, namely, the agent does not send traps to the NMS.

acl acl-number: Associates a basic ACL with the group. acl-number is in the range 2000 to 2999. By using a basic ACL, you can restrict the source IP address of SNMP packets, that is, you can configure to allow or prohibit SNMP packets with a specific source IP address, so as to restrict the intercommunication between the NMS and the agent.

Description

Use the snmp-agent group command to configure a new SNMP group and specify its access right.

Use the undo snmp-agent group command to delete a specified SNMP group.

By default, SNMP groups configured by the snmp-agent group v3 command use a no-authentication-no-privacy security model.

An SNMP group defines security model, access right, and so on. A user in this SNMP group has all these public properties.

Related commands: snmp-agent mib-view, snmp-agent usm-user.

Examples

# Create an SNMP group group1 on an SNMPv3 enabled device, no authentication, no privacy.

<Sysname> system-view

[Sysname] snmp-agent group v3 group1

snmp-agent local-engineid

Syntax

snmp-agent local-engineid engineid

undo snmp-agent local-engineid

View

System view

Default Level

3: Manage level

Parameters

engineid: Engine ID, an even number of hexadecimal characters, in the range 10 to 64. Its length must not be an odd number, and the all-zero and all-F strings are invalid.

Description

Use the snmp-agent local-engineid command to configure a local engine ID for an SNMP entity.

Use the undo snmp-agent local-engineid command to restore the default local engine ID.

By default, the engine ID of a device is the combination of company ID and device ID. Device ID varies by product; it could be an IP address, a MAC address, or a self-defined string of hexadecimal numbers.

An engine ID has two functions:

l For all devices managed by one NMS, each device needs a unique engine ID to identify the SNMP agent. By default, each device has an engine ID. The network administrator has to ensure that there is no repeated engine ID within an SNMP domain.

l In SNMPv3, the user name and cipher text password are associated with the engine ID. Therefore, if the engine ID changes, the user name and cipher text password configured under the engine ID become invalid.

Typically, the device uses its default engine ID. For ease of remembrance, you can set engine IDs for the devices according to the network planning. For example, if both device 1 and device 2 are on the first floor of building A, you can set the engine ID of device 1 to 000Af0010001, and that of device 2 to 000Af0010002.

Related commands: snmp-agent usm-user.

Examples

# Configure the local engine ID as 123456789A.

<Sysname> system-view

[Sysname] snmp-agent local-engineid 123456789A

snmp-agent log

Syntax

snmp-agent log { all | get-operation | set-operation }

undo snmp-agent log { all | get-operation | set-operation }

View

System view

Default Level

3: Manage level

Parameters

all: Enables logging of SNMP GET and SET operations.

get-operation: Enables logging of SNMP GET operation.

set-operation: Enables logging of SNMP SET operation.

Description

Use the snmp-agent log command to enable SNMP logging.

Use the undo snmp-agent log command to restore the default.

By default, SNMP logging is disabled.

If specified SNMP logging is enabled, when the NMS performs a specified operation to the SNMP agent, the latter records the operation-related information and saves it to the information center. With parameters for the information center set, output rules of the SNMP logs are decided (that is, whether logs are permitted to output and the output destinations).

Examples

# Enable logging of SNMP GET operation.

<Sysname> system-view

[Sysname] snmp-agent log get-operation

# Enable logging of SNMP SET operation.

<Sysname> system-view

[Sysname] snmp-agent log set-operation

snmp-agent mib-view

Syntax

snmp-agent mib-view { excluded | included } view-name oid-tree [ mask mask-value ]

undo snmp-agent mib-view view-name

View

System view

Default Level

3: Manage level

Parameters

excluded: Indicates that no nodes of the MIB tree are included in current view.

included: Indicates that all nodes of the MIB tree are included in current view.

view-name: View name, a string of 1 to 32 characters.

oid-tree: MIB subtree, identified by the OID of the subtree root node, such as 1.4.5.3.1, or the name of the subtree root node, such as “system”. OID is made up of a series of integers, which marks the position of the node in the MIB tree and uniquely identifies a MIB object.

mask mask-value: Mask for a MIB subtree, in the range 1 to 32 hexadecimal digits. It must be an even digit.

Description

Use the snmp-agent mib-view command to create or update MIB view information so that MIB objects can be specified.

Use the undo snmp-agent mib-view command to delete the current configuration.

By default, MIB view name is ViewDefault.

MIB view is a subset of MIB, and it may include all nodes of a MIB subtree (that is, the access to all nodes of this MIB subtree is permitted), or may exclude all nodes of a MIB subtree (that is, the access to all nodes of this MIB subtree is forbidden).

You can use the display snmp-agent mib-view command to view the access right of the default view. Also, you can use the undo snmp-agent mib-view command to remove the default view, after that, however, you may not be able to read or write all MIB nodes on the agent.

Related commands: snmp-agent group.

Examples

# Create a MIB view mibtest, which includes all objects of the subtree mib-2, and excludes all objects of the subtree ip.

<Sysname> system-view

[Sysname] snmp-agent mib-view included mibtest 1.3.6.1

[Sysname] snmp-agent mib-view excluded mibtest ip

[Sysname] snmp-agent community read public mib-view mibtest

If the SNMP version on the NMS is set to SNMPv1, when the NMS uses the community name public to access the device, it cannot access all objects of the ip subtree (such as the ipForwarding node, the ipDefaultTTL node, and so on), but it can access all objects of the mib-2 subtree.

snmp-agent packet max-size

Syntax

snmp-agent packet max-size byte-count

undo snmp-agent packet max-size

View

System view

Default Level

3: Manage level

Parameters

byte-count: Maximum size of the SNMP packets that can be received or sent by the agent, in the range 484 to 17,940.

Description

Use the snmp-agent packet max-size command to configure the maximum size of the SNMP packets that can be received or sent by the agent.

Use the undo snmp-agent packet max-size command to restore the default packet size.

By default, the maximum size of the SNMP packets that can be received or sent by the agent is 1,500 bytes.

If devices not supporting fragmentation exist on the routing path between the NMS and the agent, you can use the command to configure the maximum SNMP packet size, and thus to prevent giant packets from being discarded.

Typically, you are recommended to apply the default value.

Examples

# Configure the maximum size of the SNMP packets that can be received or sent by the SNMP agent as 1,042 bytes.

<Sysname> system-view

[Sysname] snmp-agent packet max-size 1042

snmp-agent sys-info

Syntax

snmp-agent sys-info { contact sys-contact | location sys-location | version { all | { v1 | v2c | v3 }* } }

undo snmp-agent sys-info { contact | location | version { all | { v1 | v2c | v3 }* } }

View

System view

Default Level

3: Manage level

Parameters

contact sys-contact: A string of 1 to 200 characters that describes the contact information for system maintenance.

location sys-location: A string of 1 to 200 characters that describes the location of the device.

version: The SNMP version in use.

l all: Specifies SNMPv1, SNMPv2c, and SNMPv3.

l v1: SNMPv1.

l v2c: SNMPv2c.

l v3: SNMPv3.

Description

Use the snmp-agent sys-info command to configure system information, including the contact information, the location, and the SNMP version in use.

Use the undo snmp-agent sys-info contact and undo snmp-agent sys-info location command to restore the default.

Use the undo snmp-agent sys-info version command to disable use of the SNMP function of the specified version.

By default, the location information is Hangzhou China, version is SNMPv3, and the contact is Hangzhou H3C Technologies Co., Ltd.

The device can process the SNMP packets of the corresponding version only if SNMP of a specific version is enabled. If SNMPv1 is enabled, the device will drop the received SNMPv2c packets; if SNMPv2c is enabled, the device will drop the received SNMPv1 packets. To enable the device to communicate with different NMSs, you can enable SNMP of different versions on a device.

Related commands: display snmp-agent sys-info.

Network maintenance engineers can use the system contact information to get in touch with the manufacturer in case of network failures. The system location information is a management variable under the system branch as defined in RFC1213-MIB, identifying the location of the managed object.

Examples

# Configure the contact information as “Dial System Operator at beeper # 27345”.

<Sysname> system-view

[Sysname] snmp-agent sys-info contact Dial System Operator at beeper # 27345

snmp-agent target-host

Syntax

snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number ] params securityname security-string [ v1 | v2c | v3 [ authentication | privacy ] ]

undo snmp-agent target-host trap address udp-domain ip-address params securityname security-string

View

System view

Default Level

3: Manage level

Parameters

trap: Specifies the host to be the target host which will receive traps and notifications from the device.

address: Specifies the destination IP address in the SNMP messages sent from the device.

udp-domain: Indicates that the trap is transmitted using UDP.

ip-address: The IPv4 address of the trap target host.

udp-port port-number: Specifies the number of the port on the target host to receive traps.

params securityname security-string: Specifies the authentication related parameter, which is an SNMPv1 or SNMPv2c community name or an SNMPv3 user name, a string of 1 to 32 characters.

v1: SNMPv1.

v2c: SNMPv2c.

v3: SNMPv3.

l authentication: Specifies the security model to be authentication without privacy. Authentication is a process to check whether the packet is integral and whether it has been tampered. You need to configure the authentication password when creating an SNMPv3 user.

l privacy: Specifies the security model to be authentication with privacy. Privacy is to encrypt the data part of a packet to prevent it from being intercepted. You need to configure the authentication password and privacy password when creating an SNMPv3 user.

Description

Use the snmp-agent target-host command to configure the related settings for a trap target host.

Use the undo snmp-agent target-host command to remove the current settings. According to the networking requirements, you can use this command for multiple times to configure different settings for a target host, enabling the device to send trap messages to different NMSs. The maximum number of target hosts that can be configured is 20.

l If udp-port port-number is not specified, port number 162 is used.

l If the key words v1, v2 and v3 are not specified, v1 is used.

l If the key words authentication and privacy are not specified, the authentication mode is no authentication, no privacy.

Related commands: enable snmp trap updown, snmp-agent trap enable, snmp-agent trap source, snmp-agent trap life.

Examples

# Enable the device to send SNMP traps to 10.1.1.1, using the community name of public.

<Sysname> system-view

[Sysname] snmp-agent trap enable standard

[Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public

snmp-agent trap enable

Syntax

View

System view

Default Level

3: Manage level

Parameters

configuration: Enables the sending of configuration traps.

flash: Enables the sending of FLASH-related traps.

standard: Standard traps.

l authentication: Enables the sending of authentication failure traps in the event of authentication failure.

l coldstart: Sends coldstart traps when the device restarts.

l linkdown: Sends linkdown traps when the port is in a linkdown status. It should be configured globally.

l linkup: Sends linkup traps when the port is in a linkup status. It should be configured globally.

l warmstart: Sends warmstart traps when the SNMP restarts.

system: Sends H3C-SYS-MAN-MIB (a private MIB) traps.

Description

Use the snmp-agent trap enable command to enable the trap function globally.

Use the undo snmp-agent trap enable command to disable the trap function globally.

By default, the trap function is enabled.

Only after the trap function is enabled can each module generate corresponding traps.

Note that:

To enable an interface to generate Linkup/Linkdown traps when its state changes, you need to enable the linkUp/linkDown trap function on the interface and globally. Use the enable snmp trap updown command to enable this function on an interface, and use the snmp-agent trap enable [ standard [ linkdown | linkup ] * ] command to enable this function globally.

Related commands: snmp-agent target-host, enable snmp trap updown.

Examples

# Enable the device to send SNMP authentication failure packets to 10.1.1.1, using the community name public.

<Sysname> system-view

[Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public

[Sysname] snmp-agent trap enable standard authentication

snmp-agent trap if-mib link extended

Syntax

snmp-agent trap if-mib link extended

undo snmp-agent trap if-mib link extended

View

System view

Default Level

3: Manage level

Parameters

None

Description

Use the snmp-agent trap if-mib link extended command to extend the standard linkUp/linkDown traps defined in RFC. An extended linkUp/linkDown trap is the standard linkUp/linkDown trap defined in RFC appended with the interface description and interface type information.

Use the undo snmp-agent trap if-mib link extended command to restore the default.

By default, standard linkUp/linkDown traps defined in RFC are used.

l A standard linkUp trap is in the following format:

#Apr 24 11:48:04:896 2008 Sysname IFNET/4/INTERFACE UPDOWN:

Trap 1.3.6.1.6.3.1.1.5.4<linkUp>: Interface 983555 is Up, ifAdminStatus is 1, ifOperStatus is 1

l An extended linkUp trap is in the following format:

#Apr 24 11:43:09:896 2008 Sysname IFNET/4/INTERFACE UPDOWN:

Trap 1.3.6.1.6.3.1.1.5.4<linkUp>: Interface 983555 is Up, ifAdminStatus is 1, ifOperStatus is 1, ifDescr is GigabitEthernet1/1/1, ifType is 6

l A standard linkDown trap is in the following format:

#Apr 24 11:47:35:224 2008 Sysname IFNET/4/INTERFACE UPDOWN:

Trap 1.3.6.1.6.3.1.1.5.3<linkDown>: Interface 983555 is Down, ifAdminStatus is 2, ifOperStatus is 2

l An extended linkDown trap is in the following format:

#Apr 24 11:42:54:314 2008 AR29.46 IFNET/4/INTERFACE UPDOWN:

Trap 1.3.6.1.6.3.1.1.5.3<linkDown>: Interface 983555 is Down, ifAdminStatus is 2, ifOperStatus is 2, ifDescr is GigabitEthernet1/1/1, ifType is 6

The format of an extended linkup/ linkDown trap is the standard format followed with the ifDescr and ifType information, facilitating problem location.

Note that after this command is configured, the device sends extended linkUp/linkDown traps. If the extended messages are not supported on NMS, the device may not be able to resolve the messages.

Examples

# Extend standard linkUp/linkDown traps defined in RFC.

<Sysname> system-view

[Sysname] snmp-agent trap if-mib link extended

snmp-agent trap life

Syntax

snmp-agent trap life seconds

undo snmp-agent trap life

View

System view

Default Level

3: Manage level

Parameters

seconds: Timeout time, in the range 1 to 2,592,000 seconds.

Description

Use the snmp-agent trap life command to configure the holding time of the traps in the queue. Traps will be discarded when the holding time expires.

Use the undo snmp-agent trap life command to restore the default holding time of traps in the queue.

By default, the holding time of SNMP traps in the queue is 120 seconds.

The SNMP module sends traps in queues. As soon as the traps are saved in the trap queue, a timer is started. If traps are not sent out until the timer times out (namely, the holding time configured by using this command expires), the system removes the traps from the trap sending queue.

Related commands: snmp-agent trap enable, snmp-agent target-host.

Examples

# Configure the holding time of traps in the queue as 60 seconds.

<Sysname> system-view

[Sysname] snmp-agent trap life 60

snmp-agent trap queue-size

Syntax

snmp-agent trap queue-size size

undo snmp-agent trap queue-size

View

System view

Default Level

3: Manage level

Parameters

size: Number of traps that can be stored in the trap sending queue, in the range 1 to 1,000.

Description

Use the snmp-agent trap queue-size command to set the size of the trap sending queue.

Use the undo snmp-agent trap queue-size command to restore the default queue size.

By default, up to 100 traps can be stored in the trap sending queue.

After traps are generated, they will be saved into the trap sending queue. The size of the queue determines the maximum number of the traps that can be stored in the queue. When the size of the trap sending queue reaches the configured value, the newly generated traps are saved into the queue, and the earliest ones are discarded.

Related commands: snmp-agent trap enable, snmp-agent target-host, snmp-agent trap life.

Examples

# Set the maximum number of traps that can be stored in the trap sending queue to 200.

<Sysname> system-view

[Sysname] snmp-agent trap queue-size 200

snmp-agent trap source

Syntax

snmp-agent trap source interface-type interface-number

undo snmp-agent trap source

View

System view

Default Level

3: Manage level

Parameters

interface-type interface-number: Specifies the interface type and interface number.

Description

Use the snmp-agent trap source command to specify the source IP address contained in the trap.

Use the undo snmp-agent trap source command to restore the default.

By default, SNMP chooses the IP address of an interface to be the source IP address of the trap.

Upon the execution of this command, the system uses the primary IP address of the specified interface as the source IP address of the traps, and the NMS will use this IP address to uniquely identify the agent. Even if the agent sends out traps through different interfaces, the NMS uses this IP address to filter all traps sent from the agent.

Use this command to trace a specific event by the source IP address of a trap.

Note that:

Before you can configure the IP address of a particular interface as the source IP address of the trap, ensure that the interface already exists and that it has a legal IP address. Otherwise, if the configured interface does not exist, the configurations will fail; if the specified IP address is illegal, the configuration will be invalid. After a legal IP address is configured for the interface, the configuration becomes valid automatically.

Related commands: snmp-agent trap enable, snmp-agent target-host.

Examples

# Configure the IP address for the port Vlan-interface 1 as the source address for traps.

<Sysname> system-view

[Sysname] snmp-agent trap source Vlan-interface 1

snmp-agent usm-user { v1 | v2c }

Syntax

snmp-agent usm-user { v1 | v2c } user-name group-name [ acl acl-number ]

undo snmp-agent usm-user { v1 | v2c } user-name group-name

View

System view

Default Level

3: Manage level

Parameters

v1: The configured user name should be applied in the SNMPv1 networking environment. If the agent and the NMS use SNMPv1 packets to communicate with each other, this keyword is needed.

v2c: The configured user name should be applied in the SNMPv2c networking environment. If the agent and the NMS use SNMPv2c packets to communicate with each other, this keyword is needed..

user-name: User name, a string of 1 to 32 characters. It is case sensitive.

group-name: Group name, a string of 1 to 32 characters. It is case sensitive.

acl acl-number: Associates a basic ACL with the user. acl-number is in the range 2000 to 2999. By using a basic ACL, you can restrict the source IP address of SNMP packets, that is, you can configure to allow or prohibit SNMP packets with a specific source IP address, so as to allow or prohibit the specified NMS to access the agent by using this user name.

Description

Use the snmp-agent usm-user { v1 | v2c } command to add a user to an SNMP group.

Use the undo snmp-agent usm-user { v1 | v2c } command to delete a user from an SNMP group.

As defined in the SNMP protocol, in SNMPv1 and SNMPv2c networking applications, the NMS and the agent use community name to authenticate each other; in SNMPv3 networking applications, they use user name to authenticate each other. If you prefer using the user name in the authentication, the device supports configuration of SNMPv1 and SNMPv2c users. Creating an SNMPv1 or SNMPv2c user equals adding of a new read-only community name. After you add the user name into the read-only community name field of the NMS, the NMS can establish SNMP connection with the device.

To make the configured user take effect, create an SNMP group first.

Related commands: snmp-agent group, snmp-agent community, snmp-agent usm-user v3.

Examples

# Create a v2c user userv2c in group readCom.

<Sysname> system-view

[Sysname] snmp-agent sys-info version v2c

[Sysname] snmp-agent group v2c readCom

[Sysname] snmp-agent usm-user v2c userv2c readCom

l Set the SNMP version on the NMS to SNMPv2c

l Fill in the read community name userv2c, and then the NMS can access the agent

# Create a v2c user userv2c in group readCom, allowing only the NMS with the IP address of 1.1.1.1 to access the agent by using this user name; other NMSs are not allowed to access the agent by using this user name.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0

[Sysname-acl-basic-2001] rule deny source any

[Sysname-acl-basic-2001] quit

[Sysname] snmp-agent sys-info version v2c

[Sysname] snmp-agent group v2c readCom

[Sysname] snmp-agent usm-user v2c userv2c readCom acl 2001

l Set the IP address of the NMS to 1.1.1.1

l Set the SNMP version on the NMS to SNMPv2c

l Fill in both the read community and write community options with userv2c, and then the NMS can access the agent.

snmp-agent usm-user v3

Syntax

snmp-agent usm-user v3 user-name group-name [ cipher ] [ authentication-mode { md5 | sha } auth-password [ privacy-mode { 3des | aes128 | des56 } priv-password ] ] [ acl acl-number ]

undo snmp-agent usm-user v3 user-name group-name { local | engineid engineid-string }

View

System view

Default Level

3: Manage level

Parameters

user-name: User name, a string of 1 to 32 characters. It is case sensitive.

group-name: Group name, a string of 1 to 32 characters. It is case sensitive.

cipher: Specifies that auth-password and priv-password are cipher text passwords, which can be calculated by using the snmp-agent calculate-password command.

authentication-mode: Specifies the security model to be authentication. MD5 is faster than SHA, while SHA provides a higher security than MD5.

l md5: Specifies the authentication protocol as MD5.

l sha: Specifies the authentication protocol as SHA-1.

auth-password: Authentication password. If the cipher keyword is not specified, auth-password indicates a plain text password, which is a string of 1 to 64 visible characters. If the cipher keyword is specified, auth-password indicates a cipher text password. If the md5 keyword is specified, auth-password is a string of 32 hexadecimal characters. If the sha keyword is specified, auth-password is a string of 40 hexadecimal characters.

privacy-mode: Specifies the security model to be privacy. The three encryption algorithms AES, 3DES, and DES are in descending order in terms of security. Higher security means more complex implementation mechanism and lower speed. DES is enough to meet general requirements.

l 3des: Specifies the privacy protocol as 3DES.

l des56: Specifies the privacy protocol as DES.

l aes128: Specifies the privacy protocol as AES.

priv-password: The privacy password. If the cipher keyword is not specified, priv-password indicates a plain text password, which is a string of 1 to 64 characters; if the cipher keyword is specified, priv-password indicates a cipher text password; if the 3des keyword is specified, priv-password is a string of 80 hexadecimal characters; if the aes128 keyword is specified, priv-password is a string of 40 hexadecimal characters; if the des56 keyword is specified, priv-password is a string of 40 hexadecimal characters.

local: Represents a local SNMP entity user.

engineid engineid-string: The engine ID string, an even number of hexadecimal characters, in the range 10 to 64. Its length must not be an odd number, and the all-zero and all-F strings are invalid.

Description

Use the snmp-agent usm-user v3 command to add a user to an SNMP group.

Use the undo snmp-agent usm-user v3 command to delete a user from an SNMP group.

The user name configured by using this command is applicable to the SNMPv3 networking environments, If the agent and the NMS use SNMPv3 packets to communicate with each other, you need to create an SNMPv3 user.

To make the configured user valid, create an SNMP group first. Configure the authentication and encryption modes when you create a group, and configure the authentication and encryption passwords when you create a user.

l If you specify the cipher keyword, the system considers the arguments auth-password and priv-password as cipher text passwords. In this case, the command supports copy and paste, meaning if the engine IDs of the two devices are the same, you can copy and paste the SNMPv3 configuration commands in the configuration file on device A to device B and execute the commands on device B. The cipher text password and plain text password on the two devices are the same.

l If you do not specify the cipher keyword, the system considers the arguments auth-password and priv-password as plain text passwords. In this case, if you perform the copy and paste operation, the system will encrypt these two passwords, resulting in inconsistency of the cipher text and plain text passwords of the two devices.

Note that:

l If you use the snmp-agent usm-user v3 cipher command, the pri-password argument in this command can be obtained by the snmp-agent calculate-password command. To make the calculated cipher text password applicable to the snmp-agent usm-user v3 cipher command and have the same effect as that in the snmp-agent usm-user v3 cipher command, ensure that the same privacy protocol is specified for the two commands and the local engine ID specified in the snmp-agent usm-user v3 cipher command is consistent with the SNMP entity engine ID specified in the snmp-agent calculate-password command.

l If you execute this command repeatedly to configure the same user (namely, the user names are the same, no limitation to other keywords and arguments), the last configuration takes effect.

l A plain text password is required when the NMS accesses the device; therefore, please remember the user name and the plain text password when you create a user.

Related commands: snmp-agent calculate-password, snmp-agent group, snmp-agent usm-user { v1 | v2c }.

Examples

# Add a user testUser to the SNMPv3 group testGroup. Configure the security model as authentication without privacy, the authentication protocol as MD5, the plain-text authentication password as authkey.

<Sysname> system-view

[Sysname] snmp-agent group v3 testGroup authentication

[Sysname] snmp-agent usm-user v3 testUser testGroup authentication-mode md5 authkey

l Set the SNMP version on the NMS to SNMPv3

l Fill in the user name testUser,

l Set the authentication protocol to MD5

l Set the authentication password to authkey

l Establish a connection, and the NMS can access the MIB objects in the ViewDefault view on the device

# Add a user testUser to the SNMPv3 group testGroup. Configure the security model as authentication and privacy, the authentication protocol as MD5, the privacy protocol as DES56, the plain-text authentication password as authkey, and the plain-text privacy password as prikey.

<Sysname> system-view

[Sysname] snmp-agent group v3 testGroup privacy

[Sysname] snmp-agent usm-user v3 testUser testGroup authentication-mode md5 authkey privacy-mode des56 prikey

l Set the SNMP version on the NMS to SNMPv3

l Fill in the user name testUser,

l Set the authentication protocol to MD5

l Set the authentication password to authkey

l Set the privacy protocol to DES

l Set the privacy password to prikey

l Establish a connection, and the NMS can access the MIB objects in the ViewDefault view on the device

# Add a user testUser to the SNMPv3 group testGroup with the cipher keyword specified. Configure the security model as authentication and privacy, the authentication protocol as MD5, the privacy protocol as DES56, the plain-text authentication password as authkey, and the plain-text privacy password as prikey

<Sysname> system-view

[Sysname] snmp-agent group v3 testGroup privacy

[Sysname] snmp-agent calculate-password authkey mode md5 local-engineid

The secret key is: 09659EC5A9AE91BA189E5845E1DDE0CC

[Sysname] snmp-agent calculate-password prikey mode md5 local-engineid

The secret key is: 800D7F26E786C4BECE61BF01E0A22705

[Sysname] snmp-agent usm-user v3 testUser testGroup cipher authentication-mode md5 09659EC5A9AE91BA189E5845E1DDE0CC privacy-mode des56 800D7F26E786C4BECE61BF01E0A22705

l Set the SNMP version on the NMS to SNMPv3

l Fill in the user name testUser,

l Set the authentication protocol to MD5

l Set the authentication password to authkey

l Set the privacy protocol to DES

l Set the privacy password to prikey

l Establish a connection, and the NMS can access the MIB objects in the ViewDefault view on the device

2 MIB Configuration Commands

MIB Configuration Commands

display mib-style

Syntax

display mib-style

View

Any view

Default Level

3: Manage level

Parameters

None

Description

Use the display mib-style command to display the MIB style of the device.

Two MIB styles are available on the device: new and compatible. After obtaining the MIB style, you can select matched H3C network management software based on the MIB style.

Related commands: mib-style.

Examples

# After getting the device ID from node sysObjectID, you find that it is an H3C device, and hope to know the current MIB style or the MIB style after next boot of the device.

<Sysname> display mib-style

Current MIB style: new

Next reboot MIB style: new

The above output information indicates that the current MIB style of the device is new, and the MIB style after next boot is still new.

mib-style

Syntax

mib-style [ new | compatible ]

View

System view

Default Level

3: Manage level

Parameters

new: Specifies the MIB style of the device as H3C new; that is, both sysOID and private MIB of the device are located under the H3C enterprise ID 25506.

compatible: Specifies the MIB style of the device as H3C compatible; that is, sysOID of the device is located under the H3C enterprise ID 25506, and private MIB is located under the enterprise ID 2011.

Description

Use the mib-style command to set the MIB style of the device.

By default, the MIB style of the device is new.

Note that the configuration takes effect only after the device reboots.

Examples

# Modify the MIB style of the device as compatible.

<Sysname> system-view

[Sysname] mib-style compatible

[Sysname] quit

<Sysname> display mib-style

Current MIB style: new

Next reboot MIB style: compatible

<Sysname> reboot

3 RMON Configuration Commands

RMON Configuration Commands

display rmon alarm

Syntax

display rmon alarm [ entry-number ]

View

Any view

Default Level

1: Monitor level

Parameters

entry-number: Index of an RMON alarm entry, in the range 1 to 65535. If no entry is specified, the configuration of all alarm entries is displayed.

Description

Use the display rmon alarm command to display the configuration of the specified or all RMON alarm entries.

Related commands: rmon alarm.

Examples

# Display the configuration of all RMON alarm table entries.

<Sysname> display rmon alarm

AlarmEntry 1 owned by user1 is VALID.

Samples type : absolute

Variable formula : 1.3.6.1.2.1.16.1.1.1.4.1<etherStatsOctets.1>

Sampling interval : 10(sec)

Rising threshold : 50(linked with event 1)

Falling threshold : 5(linked with event 2)

When startup enables : risingOrFallingAlarm

Latest value : 0

Table 3-1 display rmon alarm command output description

Field	Description
AlarmEntry	Alarm entry, corresponding to the management information base (MIB) node alarmIndex.
owned by	Owner of the entry, user1 in this example, corresponding to the MIB node alarmOwner.
VALID	Status of the entry identified by the index (VALID means the entry is valid, and UNDERCREATION means invalid. You can use the display rmon command to view the invalid entry, while with the display current-configuration and display this commands you cannot view the corresponding rmon commands.), corresponding to the MIB node alarmStatus.
Samples type	The sampling type (the value can be absolute or delta), corresponding to the MIB node alarmSampleType.
Variable formula	Alarm variable, namely, the monitored MIB node, corresponding to the MIB node alarmVariable.
Sampling interval	Sampling interval, in seconds, corresponding to the MIB node alarmInterval.
Rising threshold	Alarm rising threshold (When the sampling value is bigger than or equal to this threshold, a rising alarm is triggered.), corresponding to the MIB node alarmRisingThreshold.
Falling threshold	Alarm falling threshold (When the sampling value is smaller than or equal to this threshold, a falling alarm is triggered.), corresponding to the MIB node alarmFallingThreshold.
When startup enables	How an alarm can be triggered, corresponding to the MIB node alarmStartupAlarm.
Latest value	The last sampled value, corresponding to the MIB node alarmValue.

display rmon event

Syntax

display rmon event [ entry-number ]

View

Any view

Default Level

1: Monitor level

Parameters

entry-number: Index of an RMON event entry, in the range 1 to 65535. If no entry is specified, the configuration of all event entries is displayed.

Description

Use the display rmon event command to display the configuration of the specified or all RMON event entries.

Displayed information includes event index, event owner, event description, action triggered by the event (such as sending log or trap messages), and last time the event occurred (the elapsed time since system initialization/startup) in seconds.

Related commands: rmon event.

Examples

# Display the configuration of RMON event table.

<Sysname> display rmon event

EventEntry 1 owned by user1 is VALID.

Description: null.

Will cause log-trap when triggered, last triggered at 0days 00h:02m:27s.

Table 3-2 display rmon event command output description

Field	Description
EventEntry	Event entry, corresponding to the MIB node eventIndex.
owned by	Owner of the entry, corresponding to the MIB node eventOwner.
VALID	Status of the entry identified by the index (VALID means the entry is valid, and UNDERCREATION means invalid. You can use the display rmon command to view the invalid entry; while with the display current-configuration and display this commands you cannot view the corresponding rmon commands.), corresponding to the MIB node eventStatus.
Description	Description for the event, corresponding to the MIB node eventDescription.
cause log-trap when triggered	The actions that the system will take when the event is triggered: l none: The system will take no action l log: The system will log the event l snmp-trap: The system will send a trap to the NMS l log-and-trap: The system will log the event and send a trap to the NMS This field corresponds to the MIB node eventType.
last triggered at	Time when the last event was triggered, corresponding to the MIB node eventLastTimeSent.

display rmon eventlog

Syntax

display rmon eventlog [ entry-number ]

View

Any view

Default Level

1: Monitor level

Parameters

entry-number: Index of an event entry, in the range 1 to 65535.

Description

Use the display rmon eventlog command to display log information for the specified or all event entries.

If entry-number is not specified, the log information for all event entries is displayed.

If you use the rmon event command to configure the system to log an event when the event is triggered, the event is recorded into the RMON log. You can use this command to display the details of the log table: event index, current event state, time the event was logged (the elapsed time in seconds since system initialization/startup), and event description.

Examples

# Display the RMON log information for event entry 1.

<Sysname> display rmon eventlog 1

LogEntry 1 owned by null is VALID.

Generates eventLog 1.1 at 0day(s) 00h:00m:33s.

Description: The alarm formula defined in prialarmEntry 1,

uprise 80 with alarm value 85. Alarm sample type is absolute.

Generates eventLog 1.2 at 0day(s) 00h:42m:03s.

Description: The alarm formula defined in prialarmEntry 2,

less than(or =) 5 with alarm value 0. Alarm sample type is delta.

Table 3-3 display rmon eventlog command output description

Field	Description
LogEntry	Event log entry, corresponding to the MIB node logIndex.
owned by	Owner of the entry, corresponding to the MIB node eventOwner.
VALID	Status of the entry identified by the index (VALID means the entry is valid, and UNDERCREATION means invalid. You can use the display rmon command to view the invalid entry; while with the display current-configuration and display this commands you cannot view the corresponding rmon commands.), corresponding to the MIB node eventStatus.
Generates eventLog at	Time when the log was created (Time passed since the device was booted), corresponding to the MIB node logTime.
Description	Log description, corresponding to the MIB node logDescription.

The above example shows that event 1 has generated two logs:

l eventLog 1.1, generated by private alarm entry 1, which is triggered because the alarm value (85) exceeds the rising threshold (80). The sampling type is absolute.

l eventLog 1.2, generated by private alarm entry 2, which is triggered because the alarm value (0) is lower than the falling threshold (5). The sampling type is delta.

display rmon history

Syntax

display rmon history [ interface-type interface-number ]

View

Any view

Default Level

1: Monitor level

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Description

Use the display rmon history command to display RMON history control entry and history sampling information.

After you have created history control entry on an interface, the system calculates the information of the interface periodically and saves this information to the etherHistoryEntry table. You can use this command to display the entries in this table.

You can configure the number of history sampling records that can be displayed and the history sampling interval through the rmon history command.

Related commands: rmon history.

Examples

# Display RMON history control entry and history sampling information for interface GigabitEthernet 1/1/1.

<Sysname> display rmon history GigabitEthernet 1/1/1

HistoryControlEntry 1 owned by null is VALID

Samples interface : GigabitEthernet1/1/1<ifIndex.1>

Sampling interval : 10(sec) with 5 buckets max

Sampled values of record 1 :

dropevents : 0 , octets : 0

packets : 0 , broadcast packets : 0

multicast packets : 0 , CRC alignment errors : 0

undersize packets : 0 , oversize packets : 0

fragments : 0 , jabbers : 0

collisions : 0 , utilization : 0

Sampled values of record 2 :

dropevents : 0 , octets : 0

packets : 0 , broadcast packets : 0

multicast packets : 0 , CRC alignment errors : 0

undersize packets : 0 , oversize packets : 0

fragments : 0 , jabbers : 0

collisions : 0 , utilization : 0

Sampled values of record 3 :

dropevents : 0 , octets : 0

packets : 0 , broadcast packets : 0

multicast packets : 0 , CRC alignment errors : 0

undersize packets : 0 , oversize packets : 0

fragments : 0 , jabbers : 0

collisions : 0 , utilization : 0

Sampled values of record 4 :

dropevents : 0 , octets : 0

packets : 0 , broadcast packets : 0

multicast packets : 0 , CRC alignment errors : 0

undersize packets : 0 , oversize packets : 0

fragments : 0 , jabbers : 0

collisions : 0 , utilization : 0

Sampled values of record 5 :

dropevents : 0 , octets : 0

packets : 0 , broadcast packets : 0

multicast packets : 0 , CRC alignment errors : 0

undersize packets : 0 , oversize packets : 0

fragments : 0 , jabbers : 0

collisions : 0 , utilization : 0

Table 3-4 display rmon history command output description

Field	Description
HistoryControlEntry	History control entry, corresponding to the MIB node etherHistoryIndex.
owned by	Owner of the entry, corresponding to the MIB node historyControlOwner.
VALID	Status of the entry identified by the index (VALID means the entry is valid, and UNDERCREATION means invalid. You can use the display rmon command to view the invalid entry; while with the display current-configuration and display this commands you cannot view the corresponding rmon commands.), corresponding to the MIB node historyControlStatus.
Samples Interface	The sampled interface
Sampling interval	Sampling period, in seconds, corresponding to the MIB node historyControlInterval. The system samples the information of an interface periodically.
buckets max	The maximum number of history table entries that can be saved, corresponding to the MIB node historyControlBucketsGranted. If the specified value of the buckets argument exceeds the history table size supported by the device, the supported history table size is displayed. If the current number of the entries in the table has reached the maximum number, the system will delete the earliest entry to save the latest one.
Sampled values of record number	The (number)th statistics recorded in the system cache. Statistics records are numbered according to the order of time they are saved into the cache.
dropevents	Dropped packets during the sampling period, corresponding to the MIB node etherHistoryDropEvents.
octets	Number of octets received during the sampling period, corresponding to the MIB node etherHistoryOctets.
packets	Number of packets received during the sampling period, corresponding to the MIB node etherHistoryPkts.
broadcastpackets	Number of broadcasts received during the sampling period, corresponding to the MIB node etherHistoryBroadcastPkts.
multicastpackets	Number of multicasts received during the sampling period, corresponding to the MIB node etherHistoryMulticastPkts.
CRC alignment errors	Number of packets received with CRC alignment errors during the sampling period, corresponding to the MIB node etherHistoryCRCAlignErrors.
undersize packets	Number of undersize packets received during the sampling period, corresponding to the MIB node etherHistoryUndersizePkts.
oversize packets	Number of oversize packets received during the sampling period, corresponding to the MIB node etherHistoryOversizePkts.
fragments	Number of fragments received during the sampling period, corresponding to the MIB node etherHistoryFragments.
jabbers	Number of jabbers received during the sampling period, corresponding to the MIB node etherHistoryJabbers.
collisions	Number of colliding packets received during the sampling period, corresponding to the MIB node etherHistoryCollisions.
utilization	Bandwidth utilization during the sampling period, corresponding to the MIB node etherHistoryUtilization.

display rmon prialarm

Syntax

display rmon prialarm [ entry-number ]

View

Any view

Default Level

1: Monitor level

Parameters

entry-number: Private alarm entry index, in the range 1 to 65535. If no entry is specified, the configuration of all private alarm entries is displayed.

Description

Use the display rmon prialarm command to display the configuration of the specified or all private alarm entries.

Related commands: rmon prialarm.

Examples

# Display the configuration of all private alarm entries.

<Sysname> display rmon prialarm

PrialarmEntry 1 owned by user1 is VALID.

Samples type : absolute

Variable formula : (.1.3.6.1.2.1.16.1.1.1.6.1*100/.1.3.6.1.2.1.16.1.1.1.5.1)

Description : ifUtilization.GigabitEthernet1/1/1

Sampling interval : 10(sec)

Rising threshold : 80(linked with event 1)

Falling threshold : 5(linked with event 2)

When startup enables : risingOrFallingAlarm

This entry will exist : forever

Latest value : 85

Table 3-5 display rmon prialarm command output description

Field	Description
PrialarmEntry	The entry of the private alarm table
owned by	Owner of the entry, user1 in this example
VALID	Status of the entry identified by the index (VALID means the entry is valid, and UNDERCREATION means invalid. You can use the display rmon command to view the invalid entry; while with the display current-configuration and display this commands you cannot view the corresponding rmon commands.)
Samples type	Sampling type, whose value can be absolute or delta.
Sampling interval	Sampling interval, in seconds. The system performs absolute sample or delta sample to sampling variables according to the sampling interval.
Rising threshold	Alarm rising threshold. An event is triggered when the sampled value is greater than or equal to this threshold.
Falling threshold	Alarm falling threshold. An event is triggered when the sampled value is less than or equal to this threshold.
linked with event	Event index associated with the prialarm
When startup enables	How can an alarm be triggered
This entry will exist	The lifetime of the entry, which can be forever or span the specified period
Latest value	The count result of the last sample

display rmon statistics

Syntax

display rmon statistics [ interface-type interface-number ]

View

Any view

Default Level

1: Monitor level

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Description

Use the display rmon statistics command to display RMON statistics.

This command displays the interface statistics during the period from the time the statistics entry is created to the time the command is executed. The statistics are cleared after the device reboots.

Related commands: rmon statistics.

Examples

# Display RMON statistics for interface GigabitEthernet 1/1/1.

<Sysname> display rmon statistics GigabitEthernet 1/1/1

EtherStatsEntry 1 owned by null is VALID.

Interface : GigabitEthernet1/1/1<ifIndex.3>

etherStatsOctets : 43393306 , etherStatsPkts : 619825

etherStatsBroadcastPkts : 503581 , etherStatsMulticastPkts : 44013

etherStatsUndersizePkts : 0 , etherStatsOversizePkts : 0

etherStatsFragments : 0 , etherStatsJabbers : 0

etherStatsCRCAlignErrors : 0 , etherStatsCollisions : 0

etherStatsDropEvents (insufficient resources): 0

Packets received according to length:

64 : 0 , 65-127 : 0 , 128-255 : 0

256-511: 0 , 512-1023: 0 , 1024-1518: 0

Table 3-6 display rmon statistics command output description

Field	Description
EtherStatsEntry	The entry of the statistics table, corresponding to the MIB node etherStatsIndex.
VALID	Status of the entry identified by the index (VALID means the entry is valid, and UNDERCREATION means invalid. You can use the display rmon command to view the invalid entry; while with the display current-configuration and display this commands you cannot view the corresponding rmon commands.), corresponding to the MIB node etherStatsStatus.
Interface	Interface on which statistics are gathered, corresponding to the MIB node etherStatsDataSource.
etherStatsOctets	Number of octets received by the interface during the statistical period, corresponding to the MIB node etherStatsOctets.
etherStatsPkts	Number of packets received by the interface during the statistical period, corresponding to the MIB node etherStatsPkts.
etherStatsBroadcastPkts	Number of broadcast packets received by the interface during the statistical period, corresponding to the MIB node etherStatsBroadcastPkts.
etherStatsMulticastPkts	Number of multicast packets received by the interface during the statistical period, corresponding to the MIB node etherStatsMulticastPkts.
etherStatsUndersizePkts	Number of undersize packets received by the interface during the statistical period, corresponding to the MIB node etherStatsUndersizePkts.
etherStatsOversizePkts	Number of oversize packets received by the interface during the statistical period, corresponding to the MIB node etherStatsOversizePkts.
etherStatsFragments	Number of undersize packets with CRC errors received by the interface during the statistical period, corresponding to the MIB node etherStatsFragments.
etherStatsJabbers	Number of oversize packets with CRC errors received by the interface during the statistical period, corresponding to the MIB node etherStatsJabbers.
etherStatsCRCAlignErrors	Number of packets with CRC errors received on the interface during the statistical period, corresponding to the MIB node etherStatsCRCAlignErrors.
etherStatsCollisions	Number of collisions received on the interface during the statistical period, corresponding to the MIB node etherStatsCollisions.
etherStatsDropEvents	Total number of drop events received on the interface during the statistical period, corresponding to the MIB node etherStatsDropEvents.
Packets received according to length: 64 : 0 , 65-127 : 0 , 128-255 : 0 256-511: 0 , 512-1023: 0 , 1024-1518: 0	Statistics of packets received according to length during the statistical period (Hardware support is needed for the statistics. If the hardware does not support the function, all statistics are displayed as 0.), in which: l Information of the field 64 corresponds to the MIB node etherStatsPkts64Octets l Information of the field 65-127 corresponds to the MIB node etherStatsPkts65to127Octets l Information of the field 128-255 corresponds to the MIB node etherStatsPkts128to255Octets l Information of the field 256-511 corresponds to the MIB node etherStatsPkts256to511Octets l Information of the field 512-1023 corresponds to the MIB node etherStatsPkts512to1023Octets l Information of the field 1024-1518 corresponds to the MIB node etherStatsPkts1024to1518Octets

rmon alarm

Syntax

rmon alarm entry-number alarm-variable sampling-interval { absolute | delta } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 [ owner text ]

undo rmon alarm entry-number

View

System view

Default Level

2: System level

Parameters

entry-number: Alarm entry index, in the range 1 to 65535.

alarm-variable: Alarm variable, a string of 1 to 256 characters. It can be in dotted object identifier (OID) format (in the format of entry.integer.instance or leaf node name.instance, for example, 1.3.6.1.2.1.2.1.10.1), or a node name like ifInOctets.1. Only variables that can be parsed into INTEGER (INTEGER, Counter, Gauge, or Time Ticks) in the ASN.1 can be used for the alarm-variable argument, such as the instance of the leaf node (like etherStatsOctets, etherStatsPkts, etherStatsBroadcastPkts, and so on) of the etherStatsEntry entry, the instance of the leaf node (like ifInOctets, ifInUcastPkts, ifInNUcastPkts, and so on) of the ifEntry entry.

sampling-interval: Sampling interval, in the range 5 to 65,535 seconds.

absolute: Sets the sampling type to absolute, namely, the system obtains the value of the variable when the sampling time is reached.

delta: Sets the sampling type to delta, namely, the system obtains the variation value of the variable during the sampling interval when the sampling time is reached.

rising-threshold threshold-value1 event-entry1: Sets the rising threshold, where threshold-value1 represents the rising threshold, in the range –2,147,483,648 to +2,147,483,647, and event-entry1 represents the index of the event triggered when the rising threshold is reached. event-entry1 ranges from 0 to 65,535, with 0 meaning no corresponding event is triggered and no event action is taken when an alarm is triggered.

falling-threshold threshold-value2 event-entry2: Sets the falling threshold, where threshold-value2 represents the falling threshold, in the range –2,147,483,648 to +2,147,483,647 and event-entry2 represents the index of the event triggered when the falling threshold is reached. event-entry2 ranges from 1 to 65,535.

owner text: Owner of the entry, a string of 1 to 127 characters. It is case sensitive and space is supported.

Description

Use the rmon alarm command to create an entry in the RMON alarm table.

Use the undo rmon alarm command to remove a specified entry from the RMON alarm table.

This command defines an alarm entry, so as to trigger the specified event when abnormity occurs. The event defines how to deal with the abnormity.

The following is how the system handles alarm entries:

1) Samples the alarm variables at the specified interval.

2) Compares the sampled values with the predefined threshold and does the following:

l If the rising threshold is reached, triggers the event specified by the event-entry1 argument.

l If the falling threshold is reached, triggers the event specified by the event-entry2 argument.

l Before creating an alarm entry, define the events to be referenced in the event table with the rmon event command.

l When you create an entry, if the values of the specified alarm variable (alarm-variable), sampling interval (sampling-interval), sampling type (absolute or delta), rising threshold (threshold-value1) and falling threshold (threshold-value2) are identical to those of the existing alarm entry, the system considers their configurations are the same and the creation fails.

l You can create up to 60 alarm entries.

Related commands: display rmon alarm, rmon event, rmon history, rmon statistics.

Examples

# Add entry 1 in the alarm table and sample the node 1.3.6.1.2.1.16.1.1.1.4.1 at a sampling interval of 10 seconds in absolute sampling type. Trigger event 1 when the sampled value is greater than or equal to the rising threshold of 5000, and event 2 when the sampled value is less than or equal to the falling threshold of 5. Set the owner of the entry to be user1.

<Sysname> system-view

[Sysname] rmon event 1 log

[Sysname] rmon event 2 none

[Sysname] interface GigabitEthernet 1/1/1

[Sysname-GigabitEthernet1/1/1] rmon statistics 1

[Sysname-GigabitEthernet1/1/1] quit

[Sysname] rmon alarm 1 1.3.6.1.2.1.16.1.1.1.4.1 10 absolute rising-threshold 5000 1 falling-threshold 5 2 owner user1

1.3.6.1.2.1.16.1.1.1.4 is the OID of the leaf node etherStatsOctets. It represents the statistics of the received packets on the interface, in bytes. In the above example, you can use etherStatsOctets.1 to replace the parameter 1.3.6.1.2.1.16.1.1.1.4.1, where 1 indicates the serial number of the interface statistics entry. Therefore, if you execute the rmon statistics 5 command, you can use etherStatsOctets.5 to replace the parameter.

The above configuration implements the following:

l Sampling and monitoring interface GigabitEthernet 1/1/1

l Obtaining the absolute value of the number of received packets. If the total bytes of the received packets reach 5,000, the system will log the event; if the total bytes of the received packets are no more than 5, the system will take no action.

rmon event

Syntax

rmon event entry-number [ description string ] { log | log-trap log-trapcommunity | none | trap trap-community } [ owner text ]

undo rmon event entry-number

View

System view

Default Level

2: System level

Parameters

entry-number: Event entry index, in the range 1 to 65,535.

description string: Event description, a string of 1 to 127 characters.

log: Logs the event when it occurs.

log-trap log-trapcommunity: Log and trap events. The system performs both logging and trap sending when the event occurs. log-trapcommunity indicates the community name of the network management station that receives trap messages, a string of 1 to 127 characters.

none: Performs no action when the event occurs.

trap trap-community: Trap event. The system sends a trap with a community name when the event occurs. trap-community specifies the community name of the network management station that receives trap messages, a string of 1 to 127 characters.

owner text: Owner of the entry, a string of 1 to 127 characters. It is case sensitive and space is supported.

Description

Use the rmon event command to create an entry in the RMON event table.

Use the undo rmon event command to remove a specified entry from the RMON event table.

When create an event entry, you can define the actions that the system will take when the event is triggered by its associated alarm in the alarm table. According to your configuration, the system can log the event, send a trap, do both, or do neither at all.

Related commands: display rmon event, rmon alarm, rmon prialarm.

l When you create an entry, if the values of the specified event description (description string), event type (log, trap, logtrap or none), and community name (trap-community or log-trapcommunity) are identical to those of the existing event entry, the system considers their configurations are the same and the creation fails.

l You can create up to 60 alarm entries.

Examples

# Create event 10 in the RMON event table.

<Sysname> system-view

[Sysname] rmon event 10 log owner user1

rmon history

Syntax

rmon history entry-number buckets number interval sampling-interval [ owner text ]

undo rmon history entry-number

View

Ethernet interface view

Default Level

2: System level

Parameters

entry-number: History control entry index, in the range 1 to 65535.

buckets number: History table size for the entry, in the range 1 to 65,535. The number varies by device.

interval sampling-interval: Sampling period, in the range 5 to 3600 seconds.

owner text: Owner of the entry, a string of 1 to 127 characters. It is case sensitive and space is supported.

Description

Use the rmon history command to create an entry in the RMON history control table.

Use the undo rmon history command to remove a specified entry from the RMON history control table.

After an entry is created, the system periodically samples the number of packets received/sent on the current interface, and saves the statistics as an instance under the leaf node of the etherHistoryEntry table. The maximum number of history entries can be saved in the table is specified by buckets number. If the number of the entries in the table has reached the maximum number, the system will delete the earliest entry to save the latest one. The statistics include total number of received packets on the current interface, total number of broadcast packets, and total number of multicast packets in a sampling period,

When you create an entry in the history table, if the specified history table size exceeds that supported by the device, the entry will be created. However, the validated value of the history table size corresponding to the entry is that supported by the device. You can use the display rmon history command to view the configuration result.

l When you create an entry, if the value of the specified sampling interval (interval sampling-interval) is identical to that of the existing history entry, the system considers their configurations are the same and the creation fails.

l You can create up to 100 alarm entries.

Related commands: display rmon history.

Examples

# Create RMON history control entry 1 for interface GigabitEthernet 1/1/1.

<Sysname> system-view

[Sysname] interface GigabitEthernet 1/1/1

[Sysname-GigabitEthernet1/1/1] rmon history 1 buckets 10 interval 5 owner user1

rmon prialarm

Syntax

rmon prialarm entry-number prialarm-formula prialarm-des sampling-interval { absolute | changeratio | delta } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 entrytype { forever | cycle cycle-period } [ owner text ]

undo rmon prialarm entry-number

View

System view

Default Level

2: System level

Parameters

entry-number: Index of a private alarm entry, in the range 1 to 65535.

prialarm-formula: Private alarm variable formula, a string of 1 to 256 characters. The variables in the formula must be represented in OID format that starts with a point “.”, the formula (.1.3.6.1.2.1.2.1.10.1)*8 for example. You may perform the basic operations of addition, subtraction, multiplication, and division on these variables. The operations should yield a long integer. To prevent errors, make sure that the result of each calculating step falls into the value range for long integers.

prialarm-des: Private alarm entry description, a string of 1 to 127 characters.

sampling-interval: Sampling interval, in the range 10 to 65,535 seconds.

absolute | changeratio | delta: Sets the sampling type to absolute, delta, or change ratio. Absolute sampling is to obtain the value of the variable when the sampling time is reached; delta sampling is to obtain the variation value of the variable during the sampling interval when the sampling time is reached; change ratio sampling is not supported at present.

forever: Indicates that the lifetime of the private alarm entry is infinite.

cycle cycle-period: Sets the lifetime period of the private alarm entry, in the range 0 to 2,147,483,647 seconds.

owner text: Owner of the entry, a string of 1 to 127 characters. It is case sensitive and space is supported.

Description

Use the rmon prialarm command to create an entry in the private alarm table of RMON.

Use the undo rmon prialarm command to remove a private alarm entry from the private alarm table of RMON.

The following is how the system handles private alarm entries:

1) Samples the private alarm variables in the private alarm formula at the specified sampling interval.

2) Performs calculation on the sampled values with the formula.

3) Compares the calculation result with the predefined thresholds and does the following:

l If the result is equal to or greater than the rising threshold, triggers the event specified by the event-entry1 argument.

l If the result is equal to or smaller than the falling threshold, triggers the event specified by the event-entry2 argument.

l Before creating an alarm entry, define the events to be referenced in the event table with the rmon event command.

l When you create an entry, if the values of the specified alarm variable formula (prialarm-formula), sampling type (absolute changeratio or delta), rising threshold (threshold-value1) and falling threshold (threshold-value2) are identical to those of the existing alarm entry, the system considers their configurations are the same and the creation fails.

l You can create up to 50 pri-alarm entries.

Related commands: display rmon prialarm, rmon event, rmon history, rmon statistics.

Examples

# Create entry 5 in the private alarm table. Calculate the private alarm variables with the (1.3.6.1.2.1.16.1.1.1.6.1*100/.1.3.6.1.2.1.16.1.1.1.5.1) formula and sample the corresponding variables at intervals of 10 seconds. Rising threshold of 80 corresponds to event 1 (and record the event into the log table); falling threshold of 5 corresponds to event 2 (but neither log it nor send a trap). Set the lifetime of the entry to forever and owner to user1.

<Sysname> system-view

[Sysname] rmon event 1 log

[Sysname] rmon event 2 none

[Sysname] interface GigabitEthernet 1/1/1

[Sysname-GigabitEthernet1/1/1] rmon statistics 1

[Sysname-GigabitEthernet1/1/1] quit

[Sysname] rmon prialarm 1 (1.3.6.1.2.1.16.1.1.1.6.1*100/.1.3.6.1.2.1.16.1.1.1.5.1)

packet GigabitEthernet1/1/1 10 absolute rising_threshold 80 1 falling_threshold 5 2 entrytype forever owner user1

1.3.6.1.2.1.16.1.1.1.6.1 is the OID of the node etherStatsBroadcastPkts.1, and 1.3.6.1.2.1.16.1.1.1.5.1 is the OID of the node etherStatsPkts.1. 1 indicates the serial number of the interface statistics entry. Therefore, if you execute the rmon statistics 5 command, you should use 1.3.6.1.2.1.16.1.1.1.6.5 and 1.3.6.1.2.1.16.1.1.1.5.5.

The above configuration implements the following:

l Sampling and monitoring interface GigabitEthernet1/1/1

l If the portion of broadcast packets received in the total packets is greater than or equal to 80%, the system will log the event; if the portion is less than or equal to 5%, the system will take no action.

You can view the event log using the display rmon eventlog command.

rmon statistics

Syntax

rmon statistics entry-number [ owner text ]

undo rmon statistics entry-number

View

Ethernet interface view

Default Level

2: System level

Parameters

entry-number: Index of statistics entry, in the range 1 to 65535.

owner text: Owner of the entry, a string of 1 to 127 characters. It is case sensitive and space is supported.

Description

Use the rmon statistics command to create an entry in the RMON statistics table.

Use the undo rmon statistics command to remove a specified entry from the RMON statistics table.

After an entry is created, the system continuously calculates the information of the interface. Statistics include number of collisions, CRC alignment errors, number of undersize or oversize packets, number of broadcasts, number of multicasts, number of bytes received, number of packets received. The statistics are cleared after the device reboots.

To display information for the RMON statistics table, use the display rmon statistics command.

l Only one statistics entry can be created on one interface.

l You can create up to 100 statistics entries.

Examples

# Create an entry in the RMON statistics table for interface GigabitEthernet 1/1/1. The index of the entry is 20, and the owner of the entry is user1.

<Sysname> system-view

[Sysname] interface GigabitEthernet 1/1/1

[Sysname-GigabitEthernet1/1/1] rmon statistics 20 owner user1

TOP

H3C reserves the right to modify its collaterals without any prior notice. For the latest information of the collaterals, please consult H3C sales or call 400 hotline.

H3C S3600 Series EPON OLT Switches Command Manual-Release 3103-6W100

Table of Content

27-SNMP-RMON Commands

display snmp-agent community

display snmp-agent local-engineid

display snmp-agent sys-info

display snmp-agent trap queue

snmp-agent calculate-password

snmp-agent group

snmp-agent local-engineid

snmp-agent log

snmp-agent sys-info

snmp-agent target-host

snmp-agent trap enable

snmp-agent trap if-mib link extended

snmp-agent trap life

snmp-agent trap source

snmp-agent usm-user { v1 | v2c }

rmon alarm

rmon event

rmon history

rmon prialarm

rmon statistics