AXP 1.6 User Guide
System Management using SNMP and CDP
Downloads: This chapterpdf (PDF - 119.0KB) The complete bookPDF (PDF - 3.06MB) | Feedback

System Management using SNMP and CDP

Table Of Contents

System Management using SNMP and CDP

CDP

SNMP

Showing the Health of CDP/SNMP Processes

Traps Produced by SNMP Agents

Configuring SNMP CLI Commands

Turning on SNMP Debugging

Enabling linkUp/linkDown Traps

Generating Authentication Failure Traps

MIBs for Cisco AXP


System Management using SNMP and CDP


Cisco AXP 1.6 or higher provides system management using the Simple Network Management Protocol (SNMP) and Cisco Discovery Protocol (CDP). The supported versions are SNMPv2c and CDPv1.

Introduced in Cisco AXP 1.5.1, you can use CDP commands in Cisco AXP 1.6 to discover neighboring network devices and use SNMP commands to get/set information from devices such as the Cisco AXP service module.

Standard Management Information Bases (MIBs) provide definitions of the information used by the SNMP commands.

Using SNMP and CDP for system management on Cisco AXP is explained in the following sections:

CDP

SNMP

Showing the Health of CDP/SNMP Processes

Traps Produced by SNMP Agents

MIBs for Cisco AXP

CDP

CDP is used in Cisco AXP primarily for Network Topology Discovery operation by the Network Management System (NMS). The administrator gives the NMS a seed device's IP address. The NMS then connects to the CDP-enabled device by looking at the CDP neighbor list. After the NMS has looked at the immediate neighbors in the CDP neighbor list, it then looks at non-visited neighbors and gains a view of the network topology.

It is important that the Cisco AXP system is reachable via its CDP neighbors. The Cisco ISR that is hosting Cisco AXP requires CDP to be enabled. CDP also needs to be enabled on the other devices that the Cisco ISR is connected to — such as switches.

To allow NMS to discover all parts of the network, all devices need to be CDP enabled. If a network device does not provide CDP information, a part of the network cannot be detected.

For further information on CDP, refer to: http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_cdp_discover_ps10591_TSD_Products_Configuration_Guide_Chapter.html.

CDP and SNMP commands are documented in the latest Cisco AXP Command Reference Guide.


Note Only a subset of Cisco IOS SNMP and CDP commands are supported by Cisco AXP. Some Cisco AXP commands have a smaller range of available options compared to their Cisco IOS equivalents.


SNMP

The SNMP agent in the Cisco AXP host OS interacts with standard MIB modules . The SNMP Agent listens on User Datagram Protocol (UDP) port 161 for SNMP requests. This port is not configurable.

SNMP commands used in Cisco AXP are similar to Cisco IOS software SNMP commands. Some Cisco AXP CLI commands for SNMP have fewer optional parameters than their Cisco IOS equivalents due to the limitation of the underlying implementation of the net-snmp agent in Cisco AXP.


Note SNMPv3 is not supported by Cisco AXP 1.6


CDP and SNMP commands are documented in the Cisco AXP 1.6 Command Reference Guide. Refer to the Cisco AXP Command Reference Guides.

SNMP is used to get or set data for a device and to retrieve notifications from a device.

When the router/service module boots up, if there are SNMP config CLI commands in the startup configuration, then SNMP starts. If there are no SNMP config CLI commands in the startup configuration, the router/service module comes up without SNMP. Then, if you issue an SNMP config CLI command, SNMP starts.

The no snmp-server command disables/shuts down SNMP. The command does not appear in the running-config after it has been issued. It affects the internal state of SNMP and all SNMP-related CLI commands. The no snmp-server command clears all SNMP-related configuration commands temporarily and shuts down/disables the SNMP engine.

After issuing the no snmp-server command, the status of SNMP and the availability of the temporarily removed SNMP configuration commands depend upon the startup configuration during a reboot. The following scenarios explain this:

1. If you issue a write memory or (copy running configuration startup configuration) command and reboot the router/service module, temporarily removed SNMP config CLI commands are permanently removed. The router/service module comes up without SNMP because there are no SNMP config CLI commands present.

2. If you do not issue a write memory command and reboot the router/service module, the router/service module comes up as determined by the contents of the startup configuration. If any SNMP config CLI commands are present in the startup configuration, the router/service module comes up with SNMP. If there are no SNMP config CLI commands in the startup configuration, the router/service module comes up without SNMP. Then, if you issue an SNMP config CLI command, SNMP starts. Also, all the temporarily removed SNMP config commands, which were removed by the no snmp-server command, reappear along with the newly issued SNMP command.

Showing the Health of CDP/SNMP Processes

To display information about CDP and SNMP processes, use the following Cisco AXP commands:

show processes

show processes memory

Example

STATE    HEALTH                   CMD
online   alive                    cdp
service  alive                    snmpd

For CDP, HEALTH is alive or dead.

For SNMP, HEALTH is alive (service is up and running), dead (service is down due to a failure), or administratively-down (service is configured to be stopped).

Traps Produced by SNMP Agents

The Cisco IOS SNMP agent only reports changes to an interface (from up to down or from down to up) via linkUp and linkDown traps.

The Cisco AXP SNMP agent produces traps with its own set of OIDs. The Cisco IOS SNMP agent produces traps with another set of OIDs.

For example, the Cisco AXP SNMP agent produces a netSnmpAgentOIDs.10 that maps to "linux". The Cisco IOS SNMP agent produces a linkDown trap with a reason string of "administratively down".

Examples of traps generated by agents in SNMP for Cisco AXP and SNMP for Cisco IOS are shown in the following sections:

Configuring SNMP CLI Commands

Turning on SNMP Debugging

Enabling linkUp/linkDown Traps

Generating Authentication Failure Traps

Configuring SNMP CLI Commands

When a config Cisco AXP SNMP CLI command is issued, the Cisco AXP SNMP agent receives a SIGNUP to restart the agent and take on the new configuration. The agent generates a RESTART trap. Also, because the Cisco AXP SNMP agent restarts, linkUp/linkDown traps are also generated. For more information, refer to the "Enabling linkUp/linkDown Traps" section.

Table 6 Example Traps from Configuring SNMP CLI Commands

Cisco AXP SNMP
Cisco IOS SNMP
Jan 28 10:55:48 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: 
Trap , SNMPv2-MIB::sysUpTime.0 = Timeticks: (168211) 0:28:02.11, 
SNMPv2-MIB::snmpTrapOID.0 = OID: NET-SNMP-AGENT-MIB::nsNotifyRestart, 
SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpNotificationPrefix

NONE


Turning on SNMP Debugging

The EXEC level CLI command [debug|undebug] snmp details causes the Cisco AXP SNMP agent to be restarted by stopping and starting up—a coldStart. The Cisco AXP SNMP agent generates a SHUTDOWN trap followed by a COLDSTART trap.

Table 7 Example Traps from Turning on SNMP Debugging

Cisco AXP SNMP
Cisco IOS SNMP
Jan 28 10:57:59 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: 
Trap , SNMPv2-MIB::sysUpTime.0 = Timeticks: (181281) 0:30:12.81, 
SNMPv2-MIB::snmpTrapOID.0 = OID: 
NET-SNMP-AGENT-MIB::nsNotifyShutdown, 
SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpNotificationPrefix
Jan 28 10:57:59 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: 
Trap , SNMPv2-MIB::sysUpTime.0 = Timeticks: (13) 0:00:00.13, 
SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-MIB::coldStart, 
SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.1

NONE


Enabling linkUp/linkDown Traps

After an SNMP config CLI command is issued that turns on linkUp/linkDown traps, the Cisco AXP SNMP agent restarts and reports all the interfaces with linkUp or linkDown traps.

In contrast, the Cisco IOS SNMP agent does not issue a full report on the link status of its interfaces.

Table 8 Example Traps from Enabling linkUp/linkDown Traps

Cisco AXP SNMP
Cisco IOS SNMP
Jan 28 10:58:55 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: 
Trap , SNMPv2-MIB::sysUpTime.0 = Timeticks: (2070) 0:00:20.70, 
SNMPv2-MIB::snmpTrapOID.0 = OID: NET-SNMP-AGENT-MIB::nsNotifyRestart, 
SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpNotificationPrefix
Jan 28 10:58:55 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: 
Trap , SNMPv2-MIB::sysUpTime.0 = Timeticks: (2070) 0:00:20.70, 
SNMPv2-MIB::snmpTrapOID.0 = OID: IF-MIB::linkDown, IF-MIB::ifIndex.2 = 
INTEGER: 2, IF-MIB::ifAdminStatus.2 = INTEGER: up(1), 
IF-MIB::ifOperStatus.2 = INTEGER: down(2), 
SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10

NONE


Generating Authentication Failure Traps

The authentication failure traps for the Cisco AXP SNMP agent and the Cisco IOS SNMP agent are similar. Six authentication failure traps are generated for a bad request; for example, an invalid community name.

Cisco AXP SNMP: Example

Jan 28 10:59:47 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: Trap , 
SNMPv2-MIB::sysUpTime.0 = Timeticks: (7255) 0:01:12.55, SNMPv2-MIB::snmpTrapOID.0 = OID: 
SNMPv2-MIB::authenticationFailure, SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10
Jan 28 10:59:48 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: Trap , 
SNMPv2-MIB::sysUpTime.0 = Timeticks: (7356) 0:01:13.56, SNMPv2-MIB::snmpTrapOID.0 = OID: 
SNMPv2-MIB::authenticationFailure, SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10
Jan 28 10:59:49 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: Trap , 
SNMPv2-MIB::sysUpTime.0 = Timeticks: (7456) 0:01:14.56, SNMPv2-MIB::snmpTrapOID.0 = OID: 
SNMPv2-MIB::authenticationFailure, SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10
Jan 28 10:59:50 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: Trap , 
SNMPv2-MIB::sysUpTime.0 = Timeticks: (7556) 0:01:15.56, SNMPv2-MIB::snmpTrapOID.0 = OID: 
SNMPv2-MIB::authenticationFailure, SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10
Jan 28 10:59:51 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: Trap , 
SNMPv2-MIB::sysUpTime.0 = Timeticks: (7656) 0:01:16.56, SNMPv2-MIB::snmpTrapOID.0 = OID: 
SNMPv2-MIB::authenticationFailure, SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10
Jan 28 10:59:52 linuxusr snmptrapd[7596]: 172.16.10.1 [172.16.10.1]: Trap , 
SNMPv2-MIB::sysUpTime.0 = Timeticks: (7756) 0:01:17.56, SNMPv2-MIB::snmpTrapOID.0 = OID: 
SNMPv2-MIB::authenticationFailure, SNMPv2-MIB::snmpTrapEnterprise.0 = OID: 
NET-SNMP-MIB::netSnmpAgentOIDs.10

Cisco IOS SNMP: Example

Jan 28 12:32:44 linuxusr snmptrapd[7596]: 10.0.0.0: Authentication Failure Trap (0) 
Uptime: 1:11:37.32, SNMPv2-SMI::enterprises.9.2.1.5.0 = IpAddress: 172.16.0.0, 
SNMPv2-SMI::enterprises.9.9.412.1.1.1.0 = INTEGER: 1, 
SNMPv2-SMI::enterprises.9.9.412.1.1.2.0 = STRING: "172.16.0.0"
Jan 28 12:32:45 linuxusr snmptrapd[7596]: 10.0.0.0: Authentication Failure Trap (0) 
Uptime: 1:11:38.32, SNMPv2-SMI::enterprises.9.2.1.5.0 = IpAddress: 172.16.0.0, 
SNMPv2-SMI::enterprises.9.9.412.1.1.1.0 = INTEGER: 1, 
SNMPv2-SMI::enterprises.9.9.412.1.1.2.0 = STRING: "172.16.0.0"
Jan 28 12:32:46 linuxusr snmptrapd[7596]: 10.0.0.0: Authentication Failure Trap (0) 
Uptime: 1:11:39.32, SNMPv2-SMI::enterprises.9.2.1.5.0 = IpAddress: 172.16.0.0, 
SNMPv2-SMI::enterprises.9.9.412.1.1.1.0 = INTEGER: 1, 
SNMPv2-SMI::enterprises.9.9.412.1.1.2.0 = STRING: "172.16.0.0"
Jan 28 12:32:47 linuxusr snmptrapd[7596]: 10.0.0.0: Authentication Failure Trap (0) 
Uptime: 1:11:40.32, SNMPv2-SMI::enterprises.9.2.1.5.0 = IpAddress: 172.16.0.0, 
SNMPv2-SMI::enterprises.9.9.412.1.1.1.0 = INTEGER: 1, 
SNMPv2-SMI::enterprises.9.9.412.1.1.2.0 = STRING: "172.16.0.0"
Jan 28 12:32:48 linuxusr snmptrapd[7596]: 10.0.0.0: Authentication Failure Trap (0) 
Uptime: 1:11:41.32, SNMPv2-SMI::enterprises.9.2.1.5.0 = IpAddress: 172.16.0.0, 
SNMPv2-SMI::enterprises.9.9.412.1.1.1.0 = INTEGER: 1, 
SNMPv2-SMI::enterprises.9.9.412.1.1.2.0 = STRING: "172.16.0.0"
Jan 28 12:32:49 linuxusr snmptrapd[7596]: 10.0.0.0: Authentication Failure Trap (0) 
Uptime: 1:11:42.32, SNMPv2-SMI::enterprises.9.2.1.5.0 = IpAddress: 172.16.0.0, 
SNMPv2-SMI::enterprises.9.9.412.1.1.1.0 = INTEGER: 1, 
SNMPv2-SMI::enterprises.9.9.412.1.1.2.0 = STRING: "172.16.0.0"

MIBs for Cisco AXP

The MIBs shown in Table 9 are supported by Cisco AXP. For Cisco AXP version 1.6, MIBs are read-only and cannot be modified using SNMP-SET.

Standard MIBs (all MIBs in the table except for CISCO-CDP-MIB) are defined by the Internet Engineering Task Force (IETF).

Table 9 Cisco AXP Supported MIBs

MIB Name
Notes

MIB-2

Basic information about the agent (RFC 1213).

SNMPv2-MIB

Basic information about the agent -description, packets info (RFC 3418).

HOST-RESOURCES-MIB

Operating System information, processes, partition, network interfaces (RFC 2790).

IF-MIB

Network Interface information (RFC 1229).

IP-MIB (from 1213)

IP network protocol information (RFC 4293).

UDP-MIB

UDP network protocol information (RFC 4113).

TCP-MIB (from 1213)

TCP network protocol information (RFC 4022).

CISCO-CDP-MIB

Not a standard MIB. Correlates between a Cisco AXP service module system and the Cisco chassis (router) to which the module is attached.