Guest

Cisco IOS Software Releases 12.0 S

MPLS Traffic Engineering (TE) MIB

  • Viewing Options

  • PDF (278.2 KB)
  • Feedback
MPLS Traffic Engineering (TE) MIB

Table Of Contents

MPLS Traffic Engineering (TE) MIB

Feature Overview

Capabilities Supported by MPLS TE MIB

Notification Generation Events

Notification Implementation

Benefits of MPLS TE MIB

Structure of MPLS TE MIB

Restrictions

Related Features and Technologies

Related Documents

Supported Platforms

Supported Standards, MIBs, and RFCs

Supported Objects in MPLS TE MIB

CLI Access to MPLS TE MIB Information

Retrieving Information from the MPLS TE MIB

Configuration Tasks

Enabling the SNMP Agent

Verifying the Status of the SNMP Agent

Configuration Examples

Command Reference

snmp-server community

snmp-server enable traps

snmp-server host

Glossary


MPLS Traffic Engineering (TE) MIB


This document describes the Simple Network Management Protocol (SNMP) agent support in Cisco IOS for Multiprotocol Label Switching (MPLS) traffic engineering management, as implemented in the MPLS Traffic Engineering MIB (MPLS TE MIB).

Multiprotocol Label Switching (MPLS) traffic engineering capabilities in Cisco IOS enable an MPLS backbone to replicate and expand upon the traffic engineering capabilities of Layer 2 ATM and Frame Relay networks.

Traffic engineering capabilities are essential to effective management of service provider and Internet service provider (ISP) backbones. Such backbones must support high transmission capacities, and the networks incorporating backbones must be extremely resilient to link or node failures.

The MPLS traffic engineering facilities built into Cisco IOS provide a feature-rich, integrated approach to managing the large volumes of traffic that typically flow through wide area networks (WANs). The MPLS traffic engineering facilities are integrated into Layer 3 network services, thereby optimizing the routing of IP traffic in the face of constraints imposed by existing backbone transmission capacities and network topologies.

Feature Overview

SNMP agent code operating in conjunction with the MPLS TE MIB enables a standardized, SNMP-based approach to be used in managing the MPLS traffic engineering features in Cisco IOS.

The MPLS TE MIB is based on the IETF draft MIB entitled draft-ietf-mpls-te-mib-05.txt, which includes objects describing features that support MPLS traffic engineering. This IETF draft MIB, which undergoes revisions from time to time, is being evolved toward becoming a standard. Accordingly, Cisco's implementation of the MPLS TE MIB is expected to track the evolution of the IETF draft MIB.

Slight differences between the IETF draft MIB and the implementation of the traffic engineering capabilities within Cisco IOS require some minor translations between the MPLS TE MIB and the internal data structures of Cisco IOS. These translations are accomplished by means of the SNMP agent code that is installed and operating on various hosts within the network. This SNMP agent code, running in the background as a low priority process, provides a management interface to Cisco IOS.

The SNMP objects defined in the MPLS TE MIB can be viewed by any standard SNMP utility. All MPLS TE MIB objects are based on the IETF draft MIB; thus, no specific Cisco SNMP application is required to support the functions and operations pertaining to the MPLS TE MIB.

Capabilities Supported by MPLS TE MIB

The following new functionality is supported in this release of the MPLS TE MIB:

The ability to generate and queue notification messages that signal changes in the operational status of MPLS traffic engineering tunnels.

Extensions to existing SNMP CLI commands that provide the ability to enable, disable, and configure notification messages for MPLS traffic engineering tunnels.

The ability to specify the name or the IP address of a network management station (NMS) in the operating environment to which notification messages are to be sent.

The ability to write notification configurations into non-volatile memory.

Notification Generation Events

When MPLS traffic engineering notifications are enabled (see the snmp-server enable traps command), notification messages relating to specific events within Cisco IOS are generated and sent to a specified network management station (NMS) in the network.

For example, an mplsTunnelUp notification is sent to an NMS when an MPLS traffic engineering tunnel is configured and the tunnel transitions from an operationally "down" state to an "up" state.

Conversely, an mplsTunnelDown notification is generated and sent to the NMS when an MPLS traffic engineering tunnel transitions from an operationally "up" state to a "down" state.

Finally, an mplstunnelRerouted notification is sent to the NMS under the following conditions:

The signalling path of an existing MPLS traffic engineering tunnel fails for some reason and a new path option is signalled and placed into effect (that is, the tunnel is rerouted).

The signalling path of an existing MPLS traffic engineering tunnel is fully operational, but a better path option can be signalled and placed into effect (that is, the tunnel can be reoptimized). This reoptimazation can be triggered by: a) a timer, b) the issuance of an mpls traffic-eng reoptimize command, or c) a configuration change that requires the resignalling of a tunnel.

Path options are configurable parameters that you can use to specify the order of priority for establishing a new tunnel path. For example, you can create a tunnel head configuration and define any one of many path options numbered 1 through n, with "1" being the highest priority option and "n" being an unlimited number of lower priority path options. Thus, there is no limit to the number of path options that you can specify in this manner.

Notification Implementation

When an MPLS traffic engineering tunnel interface (or any other device interface, such as an Ethernet or POS interface) transitions between an up or down state, an Interfaces MIB (ifMIB) link notification is generated. When such a notification occurs in an MPLS TE MIB environment, the interface is checked by software to determine if the notification is associated with an MPLS traffic engineering tunnel. If so, the interfaces MIB link notification is interlinked with the appropriate mplsTunnelUp or mplsTunnelDown notification to provide notification to the NMS regarding the operational event occurring on the tunnel interface. Hence, the generation of an interfaces MIB link notification pertaining to an MPLS traffic engineering tunnel interface begets an appropriate mplsTunnelUp or mplsTunnelDown notification that is transmitted to the specified NMS.

An mplsTunnelRerouted notification is generated whenever the signalling path for an MPLS traffic engineering tunnel changes. However, software intelligence in the MPLS TE MIB prevents the reroute notification from being sent to the NMS when a traffic engineering tunnel transitions between an "up" or "down" state during an administrative or operational status check of the tunnel. Either an up/down notification or a reroute notification can be sent in this instance, but not both. This action prevents unnecessary traffic on the network

Benefits of MPLS TE MIB

The MPLS Traffic Engineering MIB provides the following benefits:

Provides a standards-based SNMP interface for retrieving information about MPLS traffic engineering.

Provides information about the traffic flows on MPLS traffic engineering tunnels.

Presents MPLS traffic engineering tunnel routes, including the configured route, the IGP calculated route, and the actual route traversed.

Provides information, in conjunction with the Interfaces MIB, about how a tunnel was rerouted in the event of a link failure.

Provides information about the configured resources used for an MPLS traffic engineering tunnel.

Supports the generation and queueing of notifications that call attention to major changes in the operational status of MPLS traffic engineering tunnels; forwards notification messages to a designated network management station (NMS) for evaluation/action by network administrators.

Structure of MPLS TE MIB

The SNMP agent code supporting the MPLS TE MIB follows the existing model for such code in Cisco IOS and is, in part, generated by the Cisco IOS tool set, based on the MIB source code.

The SNMP agent code, which has a layered structure similar to that of the MIB support code in Cisco IOS, consists of four layers:

Platform independent layer—This layer is generated primarily by the IOS MIB development tool set and incorporates platform and implementation independent functions. The IOS MIB development tool set creates a standard set of files associated with a MIB.

Application interface layer—The functions, names, and template code for MIB objects in this layer are also generated by the IOS MIB development tool set.

Application specific layer—This layer provides an interface between the application interface layer and the API and data structures layer below and performs tasks needed to retrieve required information from Cisco IOS, such as searching through data structures.

API and data structures layer—This layer contains the data structures or APIs within Cisco IOS that are retrieved or called in order to set or retrieve SNMP management information.

Restrictions

The following restrictions apply to the MPLS TE MIB for Cisco IOS Release 12.0(17)S:

Supports read-only (RO) permission for MIB objects.

Contains no configuration support by means of SET functions, except for the mplsTunnelTrapEnable object (which has been made writeable in this release). Accordingly, the MPLS TE MIB contains indexing support for the Interfaces MIB (ifMIB).

Only SNMP GET, GETNEXT, and GETBULK retrieval functions are supported in this release, except in the case of the mplsTunnelTrapEnable object (which has been made writeableby means of SET functions in this release).

Contains no support for Guaranteed Bandwidth Traffic Engineering (GBTE) or Auto Bandwidth features.

Related Features and Technologies

The MPLS TE MIB feature is used in conjunction with the following:

Standards-based SNMP network management application

Multiprotocol label switching (MPLS)

MPLS traffic engineering

MPLS label switching router MIB (MPLS-LSR-MIB)

Related Documents

For descriptions of other MPLS-based functionality, consult the following documentation:

MPLS Label Distribution Protocol Enhancements

MPLS Label Switching Router MIB

MPLS Scalability Enhancements for LSC and ATM LSR

Automatic Bandwidth Adjustment for MPLS Traffic Engineering Tunnels

Scalability Enhancements for MPLS Traffic Engineering

MPLS Class of Service Enhancements

MPLS Traffic Engineering Access List Node Exclusion

RFC 2233 Interfaces MIB

Supported Platforms

The MPLS TE MIB is supported on the following platforms:

Cisco 12000 series Internet routers

Cisco 7500 series routers

Supported Standards, MIBs, and RFCs

Standards

No new or modified standards are supported by this feature.

MIBs

The MPLS TE MIB is supported on Cisco IOS Release 12.0(17)S.

To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB web site on Cisco Connection Online (CCO) at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.

RFCs

The structure and content of the MPLS TE MIB is in full conformance with the provisions of Section 10 of RFC 2026.

The Internet Engineering Task force (IETF) document entitled draft-ietf-mpls-te-mib-05.txt defines and describes managed objects for traffic engineering based on multiprotocol label switching.

Supported Objects in MPLS TE MIB

The MPLS TE MIB contains numerous tables and object definitions that provide read-only SNMP management support for the MPLS traffic engineering features in Cisco IOS. The MPLS TE MIB conforms to Abstract Syntax Notation One (ASN.1), thus reflecting an idealized MPLS traffic engineering database.

Using any standard SNMP network management application, you can retrieve and display information from the MPLS TE MIB using GET operations; similarly, you can traverse information in the MIB database for display using GETNEXT operations.

The MPLS TE MIB tables and objects supported in this Cisco IOS release are listed below. Important MIB tables (those highlighted in bold type) are described briefly in accompanying text.

mplsTunnelConfigured—Presents the total number of tunnel configurations that are defined on this node.

mplsTunnelActive—Presents the total number of LSPs that are defined on this node.

mplsTunnelTEDistProto—The IGP distribution protocol in use.

mplsTunnelMaxHops—The maximum number of hops any given tunnel may utilize.

mplsTunnelIndexNext—Unsupported; set to 0.

mplsTunnelTable—Entries in this table with an instance of 0 and a source address of 0 represent tunnel head configurations. All other entries in this table represent instances of label switched paths (LSPs), both signaled and standby. If a tunnel instance is signaled, its operating status (operStatus) is set to "up" (1) and its instance corresponds to an active LSP.

Tunnel configurations exist only on the tunnel head where the tunnel interface is defined. LSPs traverse the network and involve tunnel heads, tunnel midpoints, and tunnel tails.

The entries in the mplsTunnelTable are listed and described below. Each description carries an alphabetic suffix (a), (b), or (c), if/as appropriate, to indicate the applicability of the entry:

a. For tunnel head configurations only

b. For LSPs only

c. For both tunnel head configurations and LSPs

Pointers in the tunnel table refer to corresponding entries in other MIB tables. By means of these pointers, you can find an entry in the mplsTunnelTable and follow a pointer to other tables for additional information. The pointers include the following: mplsTunnelResourcePointer, mplsTunnelHopTableIndex, mplsTunnelARHopTableIndex, and mplsTunnelCHopTableIndex.

The tunnel table is indexed by tunnel id, tunnel instance, tunnel source address, and tunnel destination address.

mplsTunnelIndex—Same as Tunnel Id (c).

mplsTunnelInstance—Tunnel instance of the LSP; 0 for head configurations (b).

mplsTunnelIngressLSRId—Source IP address of the LSP; 0 for head configurations (b).

mplsTunnelEgressLSRId—Destination IP address of the tunnel (c).

mplsTunnelName—CLI name for the tunnel interfaces (a).

mplsTunnelDescr—Descriptive name for tunnel configurations and LSPs (c).

mplsTunnelIsIf—Indicates whether or not the entry represents an interface (c).

mplsTunnelIfIndex—Provides the index of the tunnel interface within the ifMIB (a).

mplsTunnelXCPointer—(For midpoints only - no tails); provides a pointer for the LSP within the mplsXCTable of the MPLS LSR MIB (b).

mplsTunnelSignallingProto—Identifies the signalling protocol used by tunnels (c).

mplsTunnelSetupPrio—Indicates the setup priority of the tunnel (c).

mplsTunnelHoldingPrio—Indicates the holding priority of the tunnel (c).

mplsTunnelSessionAttributes—Indicates the session attributes (c).

mplsTunnelOwner—Indicates the tunnel owner (c).

mplsTunnelLocalProtectInUse—Not implemented (c).

mplsTunnelResourcePointer—Provides a pointer into the Resource Table (b).

mplsTunnelInstancePriority—Not implemented (b).

mplsTunnelHopTableIndex—Provides an index into the Hop Table (a).

mplsTunnelARHopTableIndex—Provides an index into the AR Hop Table (b).

mplsTunnelCHopTableIndex—Provides an index into the C Hop Table (b).

mplsTunnelPrimaryTimeUp—The amount of time that the current path has been up (a).

mplsTunnelPathChanges—Number of times a tunnel has been resignalled (a).

mplsTunnelLastPathChange—The amount of time since the last path resignalling occurred (a).

mplsTunnelCreationTime—Time stamp when the tunnel was created (a).

mplsTunnelStateTransitions—The number of times the tunnel has changed state (a).

mplsTunnelIncludeAnyAffinity—Not implemented (a).

mplsTunnelIncludeAllAffinity—Attribute bits that must be set for the tunnel to traverse a link (a).

mplsTunnelExcludeAllAffinity—Attribute bits that must not be set for the tunnel to traverse a link (a).

mplsTunnelPathInUse—Path option number currently being used for the tunnel's path. If no path option is active, this object will be 0 (a).

mplsTunnelRole—(c).

mplsTunneltotalUptime—Amount of time that the tunnel has been operationally up (a).

mplsTunnelInstanceUptime—Not implemented (b).

mplsTunnelAdminStatus—Indicates the administrative status of a tunnel (c).

mplsTunnelOperStatus—Indicates the actual operating status of a tunnel (c).

mplsTunnelRowStatus—This object is used in conjunction with configuring a new tunnel. This object will always be seen as "active" (a).

mplsTunnelStorageType—(c).

mplsTunnelHopListIndexNext

mplsTunnelHopTable—Entries in this table exist only for tunnel configurations and correspond to the path options defined for the tunnel. Two types of path options exist: explicit and dynamic. This table shows all hops listed in the explicit path options, while showing only the destination hop for dynamic path options.

The tunnel hop table is indexed by tunnel id, path option, and hop number.

mplsTunnelHopListIndex

mplsTunnelHopIndex

mplsTunnelHopAddrType

mplsTunnelHopIpv4Addr

mplsTunnelHopIpv4PrefixLen

mplsTunnelHopIpv6Addr

mplsTunnelHopIpv6PrefixLen

mplsTunnelHopAsNumber

mplsTunnelHopLspId

mplsTunnelHopType

mplsTunnelHopRowStatus

mplsTunnelHopStorageType

mplsTunnelResourceIndexNext

mplsTunnelResourceTable—Entries in this table correspond to the "Tspec" information displayed when you execute the show mpls traffic-eng tunnels command. These entries exist only for label switched paths (LSPs).

The tunnel resource table is indexed by address and hop number. Following the mplsTunnelResourcePointer pointer from the tunnel table is the best way to retrieve information from this table.

mplsTunnelResourceIndex

mplsTunnelResourceMaxRate

mplsTunnelResourceMeanRate

mplsTunnelResourceMaxBurstSize

mplsTunnelResourceRowStatus

mplsTunnelResourceStorageType

mplsTunnelARHopTable—Entries in this table correspond to the actual route taken by the tunnel, and whose route was successfully signaled by the network. The hops present in this table correspond to those present in the record route object (RRO) in RSVP. You can also view the information in this table by executing the show mpls traffic-eng tunnels command.

The actual route hop table is indexed by address and hop number. Following the mplsTunnelARHopTableIndex pointer from the tunnel table is the best way to retrieve information from this table.

mplsTunnelARHopListIndex

mplsTunnelARHopIndex

mplsTunnelARHopAddrType

mplsTunnelARHopIpv4Addr

mplsTunnelARHopIpv4PrefixLen

mplsTunnelARHopIpv6Addr

mplsTunnelARHopIpv6PrefixLen

mplsTunnelARHopAsNumber

mplsTunnelARHopType

mplsTunnelCHopTable—Entries in this table correspond to the explicit route object (ERO) in RSVP, which is used to signal the LSP. The list of hops in this table will contain those hops that are computed by the constraint-based SPF algorithm. In those cases where "loose" hops are specified for the tunnel, this table will contain the hops that are "filled-in" between the loose hops in order to complete the path. If the user specifies a complete, explicit path, the computed hop table matches the user-specified path.

The computed hop table is indexed by address and hop number. Following the mplsTunnelCHopTableIndex pointer from the tunnel table is the best way to retrieve information from this table.

mplsTunnelCHopListIndex

mplsTunnelCHopIndex

mplsTunnelCHopAddrType

mplsTunnelCHopIpv4Addr

mplsTunnelCHopIpv4PrefixLen

mplsTunnelCHopIpv6Addr

mplsTunnelCHopIpv6PrefixLen

mplsTunnelCHopAsNumber

mplsTunnelCHopType

mplsTunnelPerfTable—The tunnel performance table, which augments the mplsTunnelTable described above, provides packet and byte counters for each tunnel. This table contains the following packet/byte counters:

mplsTunnelPerfPackets—This packet counter works only for tunnel heads.

mplsTunnelPerfHCPackets—This packet counter works only for tunnel heads.

mplsTunnelPerfErrors—This packet counter works only for tunnel heads.

mplsTunnelPerfBytes—This byte counter works for tunnel heads and tunnel midpoints, but not for tunnel tails.

mplsTunnelPerfHCBytes—This byte counter works for tunnel heads and tunnel midpoints, but not for tunnel tails.

mplsTunnelTrapEnable

In this release, the object type mplsTunnelTrapEnable is enhanced to be writeable. Accordingly, if this object type is set to "TRUE," the following notifications are enabled, thus giving you the ability to monitor changes in the operational status of MPLS traffic engineering tunnels:

mplsTunnelUp

mplsTunnelDown

mplsTunnelRerouted

If the mplsTunnelTrapEnable object is set to "FALSE," such operational status notifications are not generated. These notification functions are based on the definitions (mplsTeNotifications) contained in the IEFT draft document entitled draft-ietf-mpls-te-mib-05.txt.

CLI Access to MPLS TE MIB Information

Figure 1 shows specific CLI commands that can be used to retrieve information from specific tables in the MPLS TE MIB. As noted in this table, some information in the MPLS TE MIB is not retrievable by means of CLI commands.

Figure 1 CLI Commands for Retrieving MPLS TE MIB Information

Retrieving Information from the MPLS TE MIB

This section describes an efficient procedure to aid the user in efficiently retrieving information about traffic engineering tunnels. Such information can be quite useful in large networks which often contain many traffic engineering tunnels.

First, begin by traversing across a single column of the mplsTunnelTable, such as mplsTunnelName. This action provides the indexes of every tunnel configuration, as well as any label switched paths (LSPs) involving the host router. Using these indexes, you can perform a GET operation to retrieve information from any column and row of the mplsTunnelTable.

Furthermore, the mplsTunnelTable provides pointers to other tables for each tunnel. The column mplsTunnelResourcePointer, for example, provides an object ID (OID) that can be used to access resource allocation information in the mplsTunnelResourceTable. The columns mplsTunnelHopTableIndex, mplsTunnelARHopTableIndex, and mplsTunnelCHopTableIndex provide the primary index into the mplsTunnelHopTable, mplsTunnelARHopTable, and mplsTunnelCHopTable, respectively. By traversing the MPLS TE MIB in this manner using a hop table column and primary index, information pertaining to the hops of that tunnel configuration can be retrieved.

Also, since tunnels are treated as interfaces, the tunnel table column (mplsTunnelIfIndex), provides an index into the Interfaces MIB that can be used to retrieve interface specific information about a tunnel.

Configuration Tasks

This section describes the following MPLS TE MIB configuration tasks:

Enabling the SNMP Agent (required)

Verifying the Status of the SNMP Agent (optional)

Enabling the SNMP Agent

The SNMP agent for the MPLS TE MIB is disabled by default.

To enable the SNMP agent for the MPLS TE MIB, perform the steps shown in the following table:

 
Command
Purpose

Step 1 

Prompt# telnet xxx.xxx.xxx.xxx

Telnets to the router identified by the specified IP address (represented as xxx.xxx.xxx.xxx).

Step 2 

Router# enable

Enters the enable mode.

Step 3 

Router# show running-config

Displays the running configuration to determine if an SNMP agent is already running.

If no SNMP information is displayed, continue with Step 4. If any SNMP information is displayed, you can modify the information or change it as needed.

Step 4 

Router# config terminal

Enters the global configuration mode.

Step 5 

Router(config)# snmp-server community xxxxxx RO

Enables the read-only (RO) community string, where xxxxxx represents the read-only community string

Step 6 

Router(config)# exit

Exits the global configuration mode and returns you to the privileged EXEC mode.

Step 7 

Router# write memory

Writes the modified configuration to nonvolatile memory (NVRAM), permanently saving the settings.

Verifying the Status of the SNMP Agent

To verify that the SNMP agent has been enabled on a host network device, perform the steps shown in the following table:


Step 1 Telnet to the target device:

Router# telnet xxx.xxx.xxx.xxx
 
   

where xxx.xxx.xxx.xxx represents the IP address of the target device.

Step 2 Enable SNMP on the target device:

Router# enable
 
   

Step 3 Display the running configuration on the target device and examine the output for displayed SNMP information:

Router# show running-config
...
...
snmp-server community public RO
snmp-server community private RO
 
   

Any snmp-server statement that appears in the output and which takes the form shown above verifies that SNMP has been enabled on that device.


Configuration Examples

The following example shows how to enable an SNMP agent on a host network device:

Router# config terminal
Router(config)# snmp-server community 
 
   

The following example shows how to enable SNMPv1 and SNMPv2C. The configuration permits any SNMP agent to access all MPLS TE MIB objects with read-only permissions using the community string public.

Router(config)# snmp-server community public
 

The following example shows how to allow read-only access to all MPLS TE MIB objects relating to members of access list 4 that specify the comaccess community string. No other SNMP agents will have access to any MPLS TE MIB objects.

Router(config)# snmp-server community comaccess ro 4

Command Reference

This section documents new or modified CLI commands applicable to this Cisco IOS release.

snmp-server community

snmp-server enable traps

snmp-server host

Other CLI commands used with the MPLS TE MIB feature are documented in the Cisco IOS Release 12.0 command reference publications.

snmp-server community

Use the snmp-server community global configuration command on your host network management station (NMS) to configure read-only Simple Network Management Protocol (SNMP) community strings for the MPLS TE MIB. Use the no snmp-server community command to change the community string to its default value.

snmp-server community string [view view-name] [ ro ] [number]

[no] snmp-server community string

Syntax Description

string

A community string consists of 1 to 32 alphanumeric characters and acts like a password, permitting access to SNMP functionality on LSRs in your network. Blank spaces are not allowed in the community string.

view view-name

(Optional). The name of a previously-defined view delineating the objects available to the SNMP community.

ro

(Optional). This default keyword configures read-only (RO) access to MPLS TE MIBs on LSRs, thus limiting a network management station to retrieving objects from an MPLS TE MIB.

number

(Optional). This parameter is an integer from 1 to 99 specifying an access list of IP addresses that are allowed to use the community string to gain access to the SNMP v.1 agent.


Defaults

The default value of the read/write parameter is read-only (ro). The default value of the read-only community string is public, and the default value of the read-write community string is private.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced in this release.

12.0(17)S

This command was integrated into this release.


Usage Guidelines

The no snmp-server command disables both versions of SNMP (SNMPv1 and SNMPv2).

The first snmp-server command entered enables both versions of SNMP.

Examples

The following example shows how to set the read-write community string to newstring:

Router(config)# snmp-server community newstring rw
 
   

The following example shows how to assign the string comaccess to SNMPv1, allowing read-only access and specifying that IP access list 4 can use the community string:

Router(config)# snmp-server community comaccess ro 4
 
   

The following example shows how to assign the string mgr to SNMPv1, allowing read-write access to the objects in the restricted view:

Router(config)# snmp-server community mgr view restricted rw
 
   

The following example shows how to remove the community comaccess.

Router(config)# no snmp-server community comaccess
 
   

The following example shows how to disable both versions of SNMP:

Router(config)# no snmp-server 

Related Commands

Command
Description

snmp-server host

Specifies the recipient of an SNMP notification operation.

snmp-server enable traps

Enables a router to send SNMP notification messages.


snmp-server enable traps

To enable the router to send Simple Network Management Protocol notifications or informs (SNMP notifications), use the snmp-server enable traps global configuration command. Use the no form of this command to disable SNMP notifications.

snmp-server enable traps [notification-type] [notification-option]

no snmp-server enable traps [notification-type] [notification-option]

Syntax Description

notification-type

(Optional.) Specifies the type of SNMP notification to enable. If no notification type is specified, all SNMP notifications available on your router are sent to the host. The notification type can be one or more of the following keywords:

bgp—Sends Border Gateway Protocol (BGP) state change notifications.

config—Sends configuration notifications.

entity—Sends Entity MIB modification notifications.

envmon—Sends Cisco enterprise-specific environmental monitor notifications when an environmental threshold is exceeded. When the envmon keyword is used, you can specify a notification-option value.

frame-relay—Sends Frame Relay notifications.

hsrp—Sends Hot Standby Routing Protocol (HSRP) notifications.

isdn—Sends Integrated Services Digital Network (ISDN) notifications. When the isdn keyword is used, you can specify a notification-option value.

repeater—Sends Ethernet hub repeater notifications. When the repeater keyword is selected, you can specify a notification-option value.

rsvp—Sends Resource Reservation Protocol (RSVP) notifications.

rtr—Sends Service Assurance Agent/Response Time Reporter (RTR) notifications.

snmp [authentication]—Sends RFC 1157 SNMP notifications. Note that use of the authentication keyword produces the same effect as not using the authentication keyword. Both the snmp-server enable traps snmp and snmp-server enable traps snmp authentication forms of this command will globally enable (or, if using the no form, disable) the following SNMP notifications:

authenticationFailure

linkUp

linkDown

warmstart

syslog—Sends error message notifications (Cisco Syslog MIB). You can specify the level of messages to be sent by means of the logging history level command.

mpls traffic-eng—Sends notifications about changes in the status of MPLS traffic engineering tunnels.

Note that the notification-type keyword for MPLS traffic engineering tunnels is specified as "mpls traffic-eng" (containing an intervening space and a dash). This particular keyword syntax (which is interpreted by the CLI as a 2-word construct) has been adopted to maintain consistency with other MPLS traffic engineering commands.

notification-option

(Optional.) Specifies the notification option.

envmon [voltage | shutdown | supply | fan | temperature]

When you specify the envmon keyword, you can enable a specific environmental notification type, or accept all notification types from the environmental monitor system. If no option is specified, all environmental notifications are enabled. The option can be one or more of the following keywords: voltage, shutdown, supply, fan, and temperature.

isdn [call-information | isdn u-interface]

When you specify the isdn keyword, you can also specify the call-information keyword to enable an SNMP ISDN call information notification for the ISDN MIB subsystem, or you can specify the isdnu-interface keyword to enable an SNMP ISDN U interface notification for the ISDN U Interfaces MIB subsystem.

repeater [health | reset]

When you specify the repeater keyword, you can also specify the repeater option. If no option is specified, all repeater notifications are enabled. The specified option can be either of the following keywords:

health—Enables IETF Repeater Hub MIB (RFC 1516) health notification.

resetEnables IETF Repeater Hub MIB (RFC 1516) reset notification.

mpls traffic-eng [up | down | reroute]

When you specify the mpls traffic-eng keyword, it enables the sending of notifications to indicate changes in the status of MPLS traffic engineering tunnels.

Any one of the following can be specified as an argument to the mpls traffic-eng keyword:

up

down

reroute

If you do not specify a specific argument in conjunction with the mpls traffic-eng keyword, all three types of MPLS traffic engineering tunnel notifications will be sent.

Note that the notification-option keyword for MPLS traffic engineering tunnels is specified as "mpls traffic-eng" (containing an intervening space and a dash). This particular keyword syntax (which is interpreted by the CLI as a 2-word construct) has been adopted to maintain consistency with other MPLS traffic engineering commands.


Defaults

This command is disabled by default. Most notification types are disabled. However, some notification types cannot be controlled by means of this command.

If you enter this command with no notification-type keywords, the default is to enable all notification types controlled by this command.

Command Modes

Global configuration

Command History

Release
Modification

11.1

This command was introduced.

11.3

The snmp-server enable traps snmp authentication form of this command was introduced to replace the snmp-server trap-authentication command.

12.0(17)S

The mpls traffic-eng keyword was added for use in conjunction with the notification-type and notification-option parameters of the snmp-server enable traps command.


Usage Guidelines

SNMP notifications can be sent as either traps or inform requests.

This command enables both traps and inform requests for the specified notification types. To specify whether the notifications should be sent as traps or informs, use the snmp-server host [traps | informs] command.

If you do not enter an snmp-server enable traps command, no notifications controlled by this command will be sent. In order to configure the router to send these SNMP notifications, you must enter at least one snmp-server enable traps command. If you enter the command with no keywords, all notification types are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. In order to enable multiple types of notifications, you must issue a separate snmp-server enable traps command for each notification type and notification option.

The snmp-server enable traps command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts will receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command.

For a host to receive a notification controlled by this command, both the snmp-server enable traps command and the snmp-server host command for that host must be enabled. If the notification type is not controlled by this command, just the appropriate snmp-server host command must be enabled.

The notification types used in this command all have an associated MIB object that allows them to be globally enabled or disabled. Not all of the notification types available in the snmp-server host command have notificationEnable MIB objects; thus, some notification types cannot be controlled by means of the snmp-server enable command.

Examples

In the following example, the router is enabled to send all notifications to the host specified as myhost.cisco.com, using the community string defined as public:

snmp-server enable traps
snmp-server host myhost.cisco.com public
 
   

In the following example, the router is enabled to send Frame Relay and environmental monitor notifications to the host specified as myhost.cisco.com using the community string public:

snmp-server enable traps frame-relay
snmp-server enable traps envmon temperature
snmp-server host myhost.cisco.com public
 
   

In the following example, notifications are not sent to any host. BGP notifications are enabled for all hosts, but the only notifications enabled to be sent to a host are ISDN notifications (which are not enabled in this example).

snmp-server enable traps bgp
snmp-server host bob public isdn
 
   

In the following example, the router is enabled to send all inform requests to the host specified as myhost.cisco.com, using the community string defined as public:

snmp-server enable traps
snmp-server host myhost.cisco.com informs version 2c public
 
   

In the following example, HSRP MIB notifications are sent to the host specified as myhost.cisco.com using the community string public.

snmp-server enable hsrp
snmp-server host myhost.cisco.com traps version 2c public hsrp
 
   

Related Commands

Command
Description

snmp-server host

Specifies the recipient of an SNMP notification.


snmp-server host

To specify the recipient of a Simple Network Management Protocol notification, use the snmp-server host global configuration command. To remove the specified host, use the no form of this command.

snmp-server host host-addr [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]}] community-string [udp-port port] [notification-type]

no snmp-server host host [traps | informs]

Syntax Description

host-addr

Name or Internet address of the host (the targeted recipient of SNMP notifications).

traps

(Optional.) Send SNMP notifications to this host. This is the default.

informs

(Optional.) Send SNMP informs to this host.

version

(Optional.) Version of the Simple Network Management Protocol (SNMP) used to send the notifications. Version 3 is the most secure model, since it allows packet encryption by means of the priv keyword. If you use the version keyword, one of the following must be specified:

1—SNMPv1. This option is not available with informs.

2c—SNMPv2C.

3—SNMPv3. The following optional keywords can be used in conjunction with the version 3 keyword:

auth (Optional.) Enables Message Digest 5 (MD5) and Secure Hash Algorithm (SHA) packet authentication.

noauth (Default.) The noAuthNoPriv security level. This is the default if the [auth | noauth | priv] keyword choice is not specified.

priv (Optional.) Enables Data Encryption Standard (DES) packet encryption (also called "privacy").

community-string

Password-like community string sent with the notification operation. Although you can set this string using the snmp-server host command by itself, we recommend that you define this string using the snmp-server community command prior to using the snmp-server host command.

udp-port port

UDP port of the host to which SNMP notifications are to be sent. The default is 162.

notification-type

(Optional.) Specifies the type of SNMP notification to be sent to the host. If no type is specified, all notifications are sent. Any one or more of the following can be specified as keywords in the notification-type parameter:

bgp—Sends Border Gateway Protocol (BGP) state change notifications.

config—Sends configuration notifications.

dspu—Sends downstream physical unit (DSPU) notifications.

entity—Sends Entity MIB modification notifications.

envmon—Sends Cisco enterprise-specific environmental monitor notifications when an environmental threshold is exceeded.

frame-relay—Sends Frame Relay notifications.

hsrp—Sends Hot Standby Routing Protocol (HSRP) notifications.

isdn—Sends Integrated Services Digital Network (ISDN) notifications.

llc2—Sends Logical Link Control, Type 2 (LLC2) notifications.

repeater—Sends standard repeater (hub) notifications.

rsrb—Sends remote source-route bridging (RSRB) notifications.

rsvp—Sends Resource Reservation Protocol (RSVP) notifications.

rtr—Sends SA Agent (RTR) notifications.

sdlc—Sends Synchronous Data Link Control (SDLC) notifications.

sdllc—Sends SDLLC notifications.

snmpSends Simple Network Management Protocol (SNMP) notifications (as defined in RFC 1157).

stun—Sends serial tunnel (STUN) notifications.

syslog—Sends error message notifications (Cisco Syslog MIB). Specify the level of messages to be sent using the logging history level command.

tty—Sends Cisco enterprise-specific notifications when a Transmission Control Protocol (TCP) connection closes.

x25—Sends X.25 event notifications.

mpls-traffic-eng—Sends MPLS traffic engineering notifications indicating changes in the status of MPLS traffic engineering tunnels.

Note that the notification-type keyword applicable to MPLS traffic engineering tunnels is specified as "mpls-traffic-eng" (containing two dashes and no intervening spaces). This syntax is necessary to ensure that the CLI interprets this parameter as a unified, single-word construct, thus preserving the capability of the snmp-server host command to accept multiple notification-type keywords in the CLI command line (subject only to the requirement that all such keywords specified be separated by a space).

The corresponding parameter in the snmp-server enable traps command, however, is not subject to this requirement and is, therefore, specified as "mpls traffic-eng" (containing an intervening space and a dash). The keyword syntax for the notification-type and notification-option parameters in the case of the snmp-server enable traps command is interpreted by the CLI as a 2-word construct and must be so specified in order to maintain consistency with other MPLS traffic engineering commands.


Defaults

This command is disabled by default, in which case, no SNMP notifications are sent.

If you enter this command with no keywords, the default is to send all types of notifications to the host. No informs will be sent to this host.

If no version keyword is present, the default is version 1. The no snmp-server host command with no keywords will disable notifications, but not informs, to the host. To disable informs, use the no snmp-server host informs command.


Note If the community-string is not defined using the snmp-server community command prior to using this command, the default form of the snmp-server community command will automatically be inserted into the configuration. The password (community-string) used for this automatic configuration of the snmp-server community will be the same as specified in the snmp-server host command. This is the default behavior for Cisco IOS Release 12.0(3) and later.


Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.

12.0(17)S

The mpls-traffic-eng keyword was added for use in conjunction with the notification-type parameter of the snmp-server host command to enable sending SNMP notifications reflecting status changes in MPLS traffic engineering tunnels.


Usage Guidelines

SNMP notifications can be sent as either traps or inform requests.

In general, notifications are not as reliable as informs because the receiver does not send an acknowledgment of notification receipt. Also, the sender cannot determine if notifications were received. However, an SNMP entity that receives an inform request acknowledges the message with an SNMP response PDU. If the sender does not receive the response, the inform request can be resent. Thus, informs are more likely to reach their intended destination.

However, informs consume more resources in the SNMP agent and in the network. Unlike a notification, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Also, notifications are sent only once, while an inform may be retried several times. Such retries increase traffic and contribute to higher network overhead.

If you do not enter an snmp-server host command, no notifications are sent. In order to configure the router to send SNMP notifications, you must enter at least one snmp-server host command. If you enter the command with no keywords, all SNMP notification types are enabled for the host.

In order to enable multiple hosts, you must issue a separate snmp-server host command for each targeted host. You can specify multiple notification types in the command for each host.

When multiple snmp-server host commands are issued for the same host and notification type (trap or inform request), each succeeding command overwrites the previous command. Only the last snmp-server host command issued for a host will be in effect. For example, if you enter an snmp-server host inform command for a host and then enter another snmp-server host inform command for the same host, the second command will override the first.

The snmp-server host command is used in conjunction with the snmp-server enable command. Use the snmp-server enable command to specify which SNMP notifications are to be sent globally. For a host to receive most notifications, at least one snmp-server enable command and the snmp-server host command for that host must be enabled.

However, some notification types cannot be controlled by means of the snmp-server enable command. For example, some notification types are always enabled. Other notification types are enabled by a different command. For example, the linkUpDown notifications are controlled by the snmp trap link-status command. These notification types do not require an snmp-server enable command.

The availability of a notification-type option depends on the router type and the Cisco IOS features supported on the router. For example, the envmon notification-type is available only if the environmental monitor is part of the system.

Examples

If you want to configure a unique SNMP community string for notifications, but you want to prevent SNMP polling access with this string, the configuration should include an access-list. In the following example, the community string is named "comaccess" and the access list is numbered 10:

snmp-server community comaccess ro 10
snmp-server host 172.20.2.160 comaccess
access-list 10 deny any
 
   

In the following example, SNMP notifications are sent to the host specified as myhost.cisco.com. The community string is defined as comaccess.

snmp-server enable traps
snmp-server host myhost.cisco.com comaccess snmp
 
   

In the following example, SNMP and Cisco environmental monitor enterprise-specific notifications are sent to the host identified by IP address 172.30.2.160:

snmp-server enable traps
snmp-server host 172.30.2.160 public snmp envmon
 
   

In the following example, the router is enabled to send all notifications to the host identified as myhost.cisco.com using the community string public:

snmp-server enable traps
snmp-server host myhost.cisco.com public
 
   

In the following example, notifications will not be sent to any host. The BGP notifications are enabled for all hosts, but only the ISDN notifications are enabled for sending to a host.

snmp-server enable traps bgp
snmp-server host bob public isdn
 
   

In the following example, the router is enabled to send all inform requests to the host specified as myhost.cisco.com using the community string public:

snmp-server enable traps
snmp-server host myhost.cisco.com informs version 2c public
 
   

In the following example, HSRP MIB notifications are sent to the host specified as myhost.cisco.com. The community string is defined as public.

snmp-server enable hsrp
snmp-server host myhost.cisco.com traps version 2c public hsrp
 
   

Related Commands

Command
Description

snmp-server enable traps

Enables a router to send SNMP notification messages to a host.


Glossary

affinity bitsan MPLS traffic engineering tunnel's requirements on the attributes of the links it will cross. The tunnel's affinity bits and affinity mask must match up with the attributes of the various links carrying the tunnel.

call admission precedence—an MPLS traffic engineering tunnel with a higher priority will, if necessary, preempt an MPLS traffic engineering tunnel with a lower priority. An expected use is that tunnels that are harder to route will have a higher priority, and can preempt tunnels that are easier to route, on the assumption that those lower priority tunnels can find another path.

constraint-based routing—Procedures and protocols used to determine a route across a backbone taking into account resource requirements and resource availability, instead of simply using the shortest path.

flow—A traffic load entering the backbone at one point—point of presence (POP)—and leaving it from another, that must be traffic engineered across the backbone. The traffic load will be carried across one or more LSP tunnels running from the entry POP to the exit POP.

head-end—The LSR at which the tunnel originates. The tunnel's "head" or tunnel interface will reside at this LSR as well.

informs—A type of notification message that is more reliable than a conventional trap notification message, since the informs message notification requires acknowledgment, while a trap notification does not.

label—A short, fixed-length data construct that tells switching nodes how to forward data (packets or cells).

label-switched path (LSP) tunnel—A configured connection between two routers, using label switching to carry the packets. label-switched path (LSP)—A sequence of hops (R0...Rn) in which a packet travels from R0 to Rn through label switching mechanisms. A -switched path can be chosen dynamically, based on normal routing mechanisms, or through configuration.

Management Information Base—See MIB.

MIB—Management information base. A database of network management information (consisting of MIB objects) that is used and maintained by a network management protocol such as SNMP. The value of a MIB object can be changed or retrieved using SNMP commands, usually by means of a GUI-based network management system. MIB objects are organized in a tree structure that includes public (standard) and private (proprietary) branches.

MPLS—Multiprotocol label switching. An emerging industry standard that defines support for MPLS forwarding of packets along normally routed paths (sometimes called MPLS hop-by-hop forwarding).

Multiprotocol Label Switching traffic engineering—MPLS traffic engineering. A constraint-based routing algorithm for routing LSP tunnels.

Notification (see traps)—A message sent by an SNMP agent to a network management station, console, or terminal to indicate that a significant event within Cisco IOS has occurred.

NMS—Network management station. An NMS is a powerful, well-equipped computer (typically an engineering workstation) that is used by a network administrator to communicate with other devices in the network. An NMS is typically used to manage network resources, gather statistics, and perform a variety of network administration and configuration tasks.

OSPF—Open shortest path first (OSPF). A link state routing protocol used for routing IP.

RSVP—Resource Reservation Protocol. Protocol for reserving network resources to provide Quality of Service guarantees to application flows.

Simple Network Management Protocol—See SNMP.

SNMP—Simple Network Management Protocol. A network management protocol used almost exclusively in TCP/IP networks. SNMP provides a means to monitor and control network devices, manage configurations, collect statistics, monitor performance, and ensure network security.

tail-end—The downstream, receive end of a tunnel.

traffic engineering—The techniques and processes used to cause routed traffic to travel through the network on a path other than the one that would have been chosen if standard routing methods had been used.

trap(see notification)—A message sent by an SNMP agent to a network management station, console, or terminal to indicate that a significant event within Cisco IOS has occurred. Traps (notifications) are less reliable than inform requests, because the receiver of the trap does not send an acknowledgment of receipt; furthermore, the sender of the trap cannot determine if the trap was received.

VCI—Virtual channel identifier. A 16-bit field in the header of an ATM cell. The VCI, together with the VPI (see below), is used to identify the next network VCL (see below) as the cell passes through a series of ATM switches on its way to its final destination.

VCC—Virtual channel connection. A VCC is a logical circuit consisting of VCLs (see below) that carries data between two end points in an ATM network. Sometimes called a virtual circuit connection.

VCL—Virtual channel link. A VCL is the logical connection that exists between two adjacent switches in an ATM network.

VPI—Virtual path identifier. An 8-bit field in the header of an ATM cell. The VPI, together with the VCI (see above), is used to identify the next network VCL (see above) as the cell passes through a series of ATM switches on its way to its final destination.