-
Cisco IOS XR System Management Command Reference for the Cisco CRS Router, Release 4.1
-
Preface
-
Boot Commands on the Cisco IOS XR Software
-
Bulk Content Downloader (BCDL) Commands on the Cisco IOS XR Software
-
Call Home Commands on the Cisco IOS XR Software
-
CDP Commands on the Cisco IOS XR Software
-
Clock Commands on the Cisco IOS XR Software
-
Configuration Management Commands on the Cisco IOS XR Software
-
Distributed Route Processor Commands on Cisco IOS XR Software
-
File System Commands on the Cisco IOS XR Software
-
Hardware Redundancy and Node Administration Commands on the Cisco IOS XR Software
-
Manageability Commands on the Cisco IOS XR Software
-
NTP Commands on the Cisco IOS XR Software
-
Process and Memory Management Commands on the Cisco IOS XR Software
-
Secure Domain Router Commands on the Cisco IOS XR Software
-
SNMP Server Commands on the Cisco IOS XR Software
-
Software Entitlement Commands on the Cisco IOS XR Software
-
Software Package Management Commands on the Cisco IOS XR Software
-
Terminal Services Commands on the Cisco IOS XR Software
-
Utility Commands on the Cisco IOS XR Software
-
Index
-
Feedback
Contents
SNMP Server Commands on the Cisco IOS XR Software
This chapter describes the Cisco IOS XR software commands used to configure and monitor the Simple Network Management Protocol (SNMP) for network monitoring and management.
For detailed information about SNMP concepts, configuration tasks, and examples, see the Implementing SNMP on Cisco IOS XR Software configuration module in Cisco IOS XR System Management Configuration Guide for the Cisco CRS Router.
Note
The snmp-server commands enable SNMP on Management Ethernet interfaces by default. For information about how to enable SNMP server support on other inband interfaces, see the Implementing Management Plane Protection on Cisco IOS XR Software module in Cisco IOS XR System Security Configuration Guide for the Cisco CRS Router.
- clear snmp counters
- index persistence
- notification linkupdown
- show snmp
- show snmp context-mapping
- show snmp engineid
- show snmp entity
- show snmp group
- show snmp host
- show snmp interface
- show snmp interface notification
- show snmp interface regular-expression
- show snmp mib
- show snmp request duplicates
- show snmp users
- show snmp view
- snmp-server chassis-id
- snmp-server community
- snmp-server community-map
- snmp-server contact
- snmp-server context
- snmp-server engineid local
- snmp-server engineid remote
- snmp-server entityindex persist
- snmp-server group
- snmp-server host
- snmp-server ifindex persist
- snmp-server ifmib ifalias long
- snmp-server ifmib stats cache
- snmp-server inform
- snmp-server interface
- snmp-server interface subset
- snmp-server ipv4 dscp
- snmp-server ipv4 precedence
- snmp-server location
- snmp-server mibs cbqosmib cache
- snmp-server mibs cbqosmib persist
- snmp-server mibs eventmib packet-loss
- snmp-server notification-log-mib
- snmp-server packetsize
- snmp-server queue-length
- snmp-server target list
- snmp-server throttle-time
- snmp-server timeouts subagent
- snmp-server trap authentication vrf disable
- snmp-server trap link ietf
- snmp-server trap throttle-time
- snmp-server traps
- snmp-server traps bgp
- snmp-server traps mpls l3vpn
- snmp-server traps ospf errors
- snmp-server traps ospf lsa
- snmp-server traps ospf retransmit
- snmp-server traps ospf state-change neighbor-state-change
- snmp-server traps pim interface-state-change
- snmp-server traps pim invalid-message-received
- snmp-server traps pim neighbor-change
- snmp-server traps pim rp-mapping-change
- snmp-server traps rsvp
- snmp-server traps snmp
- snmp-server traps syslog
- snmp-server trap-source
- snmp-server trap-timeout
- snmp-server user
- snmp-server view
- snmp-server vrf
- snmp test trap all
- snmp test trap entity
- snmp test trap infra
- snmp test trap interface
- snmp test trap snmp
clear snmp counters
To clear the Simple Network Management Protocol (SNMP) packet statistics shown by the show snmp command, use the clear snmp counters command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The clear snmp counters command provides the ability to clear all SNMP counters used in the show snmp command without restarting any processes.
Task ID
index persistence
To enable index persistence on an Simple Network Management Protocol (SNMP) interface, use the index persistence command in SNMP interface configuration mode. To restore the default conditions with respect to this command, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the index persistence command to enable ifIndex persistence for individual entries (corresponding to individual interfaces) in the ifIndex table of the IF-MIB. IfIndex persistence retains the mapping between the ifName object values and the ifIndex object values (generated from the IF-MIB) across reboots, allowing for consistent identification of specific interfaces using SNMP.
Task ID
Examples
The following example shows how to assign ifIndex persistence on Packet-over-SONET/SDH (POS) interface 0/0/1/0:
RP/0/RP0/CPU0:router(config)# snmp-server interface pos 0/0/1/0 RP/0/RP0/CPU0:router(config-snmp-if)# index persistenceRelated Commands
notification linkupdown
To enable or disable linkUp and linkDown trap notifications on a Simple Network Management Protocol (SNMP) interface, use the notification linkupdown command in SNMP interface configuration mode. To revert to the default setting, use the no form of this command.
Syntax Description
Command Default
By default, for all main interfaces the linkUp and linkDown trap notifications are enabled; for all subinterfaces they are disabled.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The enable keyword was removed.
Release 3.9.0
This command was supported in the SNMP interface subset configuration mode.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Enabling of linkUp and linkDown notifications is performed globally using the snmp-server traps snmp command. Issue the notification linkupdown command to disable linkUp and linkDown notifications on an interface.
Use the no form of this command to enable linkUp and linkDown notifications on an interface, if linkUp and linkDown notifications have been disabled.
You can also use the snmp-server interface subset command to enable or disable groups of interfaces.
Task ID
Examples
The following example shows how to disable linkUp and linkDown trap notifications on Packet-over-SONET/SDH (POS) interface 0/0/1/0:
RP/0/RP0/CPU0:router(config)# snmp-server interface pos 0/0/1/0 RP/0/RP0/CPU0:router(config-snmp-if)# notification linkupdown disableRelated Commands
Command
Description
Displays the ifIndex value for an SNMP interface.
Specifies the identification number of the local SNMP engine.
Enables ifIndex persistence globally for all SNMP interfaces.
Enables an interface to send SNMP trap notifications and enter SNMP interface configuration mode.
Enters snmp-server interface mode for a subset of interfaces.
Enables the sending of RFC 1157 Simple Network Management Protocol (SNMP) notifications.
show snmp
To display the status of Simple Network Management Protocol (SNMP) communications, use the show snmp command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the show snmp command to show counter information for SNMP operations. It also displays the chassis ID string defined with the snmp-server chassis-id command.
Task ID
Examples
This example shows sample output from the show snmp command:
RP/0/RP0/CPU0:router# show snmp Chassis: 01506199 37 SNMP packets input 0 Bad SNMP version errors 4 Unknown community name 0 Illegal operation for community name supplied 0 Encoding errors 24 Number of requested variables 0 Number of altered variables 0 Get-request PDUs 28 Get-next PDUs 0 Set-request PDUs 78 SNMP packets output 0 Too big errors (Maximum packet size 1500) 0 No such name errors 0 Bad values errors 0 General errors 24 Response PDUs 13 Trap PDUs SNMP logging: enabled Logging to 172.25.58.33.162, 0/10, 13 sent, 0 dropped.Table 1 describes the significant fields shown in the display.
Table 1 show snmp Field Descriptions Field
Description
Chassis
Chassis ID string.
SNMP packets input
Total number of SNMP packets input.
Bad SNMP version errors
Number of packets with an invalid SNMP version.
Unknown community name
Number of SNMP packets with an unknown community name.
Illegal operation for community name supplied
Number of packets requesting an operation not allowed for that community.
Encoding errors
Number of SNMP packets that were improperly encoded.
Number of requested variables
Number of variables requested by SNMP managers.
Number of altered variables
Number of variables altered by SNMP managers.
Get-request PDUs
Number of get requests received
Get-next PDUs
Number of get-next requests received.
Set-request PDUs
Number of set requests received.
SNMP packets output
Total number of SNMP packets sent by the device.
Too big errors
Number of SNMP packets that were larger than the maximum packet size.
Maximum packet size
Maximum size of SNMP packets.
No such name errors
Number of SNMP requests that specified a MIB object that does not exist.
Bad values errors
Number of SNMP set requests that specified an invalid value for a MIB object.
General errors
Number of SNMP set requests that failed due to some other error. (It is not a noSuchName error, badValue error, or any of the other specific errors.)
Response PDUs
Number of responses sent in reply to requests.
Trap PDUs
Number of SNMP traps sent.
SNMP logging
Enabled or disabled logging.
sent
Number of traps sent.
dropped
Number of traps dropped. Traps are dropped when the trap queue for a destination exceeds the maximum length of the queue, as set by the snmp-server queue-length command.
show snmp context-mapping
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The SNMP agent handles queries based on SNMP contexts created by client features. Use the show snmp context-mapping command to display the SNMP context mapping table. Each entry in the table includes the name of an SNMP context created by a client instance and the name of the client that created the context.
Task ID
Examples
The following example shows sample output from the show snmp context-mapping command:
RP/0/RP0/CPU0:router# show snmp context-mapping Wed Aug 6 01:42:35.227 UTC Context-name Feature-name Feature ControlEthernet0_RP0_CPU0_S0 ControlEthernet0_RP0_CPU0_S0 BRIDGEINST ControlEthernet0_RP1_CPU0_S0 ControlEthernet0_RP1_CPU0_S0 BRIDGEINSTshow snmp engineid
To display the identification of the local Simple Network Management Protocol (SNMP) engine and all remote engines that have been configured on the router, use the show snmp engineid command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
An SNMP engine is a copy of SNMP that can reside on a local device.
Task ID
Examples
The following example shows sample output from the show snmp engineid command:
RP/0/RP0/CPU0:router# show snmp engineid Local SNMP engineID: 00000009020000000C025808show snmp entity
To display the entPhysicalName and entPhysicalIndex mappings, use the show snmp entity command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the show snmp entity command to view the entity index to use in the snmp test trap entity command. To use the show snmp entity command, SNMP must be configured on the router.
Task ID
Examples
This example illustrates sample output from the show snmp entity command:
RP/0/RP0/CPU0:router# show snmp entity Thu Aug 13 02:10:06.741 UTC entPhysicalIndex: 22001 entPhysicalName: portslot 0/0/CPU0/7 entPhysicalIndex: 23006 entPhysicalName: portslot 0/0/CPU0/129 entPhysicalIndex: 23557 entPhysicalName: portslot 0/0/CPU0/3 entPhysicalIndex: 47719 entPhysicalName: 0/0/* - ingresspse - 1.2V entPhysicalIndex: 320862 entPhysicalName: 0/0/* - host - 5V_C entPhysicalIndex: 322450 entPhysicalName: 0/0/* - host - 1.5V entPhysicalIndex: 428209 entPhysicalName: 0/PL2/* entPhysicalIndex: 1038801 entPhysicalName: 0/0/* - ingressq - 2.5V entPhysicalIndex: 1040485 entPhysicalName: 0/0/* - ingressq - 1.25V_0123 entPhysicalIndex: 1152042 entPhysicalName: 0/2/CPU0/7 entPhysicalIndex: 2031334 entPhysicalName: 0/SM0/* - host - Inlet1 entPhysicalIndex: 2032954 entPhysicalName: 0/SM0/* - host - 1.8V_L entPhysicalIndex: 2034510 entPhysicalName: 0/SM0/* - host - brd-ok-led entPhysicalIndex: 2110001 entPhysicalName: 0/PL2/* - plimasic - Exhaust0 entPhysicalIndex: 2111557 entPhysicalName: 0/PL2/* - plimasic - 1.8V entPhysicalIndex: 2358084 entPhysicalName: 0/0/* - egressq entPhysicalIndex: 2359704 entPhysicalName: 0/0/* - cpu entPhysicalIndex: 2469162 entPhysicalName: 0/2/* - egressq - Hotspot0 entPhysicalIndex: 2559937 entPhysicalName: 0/0/* - egressq - 1.2V entPhysicalIndex: 2577533 entPhysicalName: 0/2/CPU0/0 entPhysicalIndex: 2853020 entPhysicalName: 0/0/* - egresspse - 5V entPhysicalIndex: 3497583 entPhysicalName: 0/SM1/* - host - brd-ok-led entPhysicalIndex: 3500791 entPhysicalName: 0/SM1/* - host - Inlet1 --More—RP/0/RP0/CPU0:router# show snmp entity Mon Nov 15 11:19:23.609 UTC entPhysicalIndex: 172193 entPhysicalName: portslot 0/0/CPU0/1 entPhysicalIndex: 322450 entPhysicalName: voltages 0/0/CPU0 entPhysicalIndex: 345071 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 346659 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 349835 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 546880 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 845998 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 847586 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 1192623 entPhysicalName: 0/25/CPU0 entPhysicalIndex: 1227530 entPhysicalName: voltages 0/21/CPU0 entPhysicalIndex: 1460256 entPhysicalName: temperatures 0/18/CPU0 entPhysicalIndex: 1795138 entPhysicalName: temperatures 0/20/CPU0 entPhysicalIndex: 3079213 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 3080801 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 3082421 entPhysicalName: slot 7/0 entPhysicalIndex: 5037675 entPhysicalName: 0/21/CPU0 entPhysicalIndex: 5509481 entPhysicalName: voltages 0/9/CPU0 entPhysicalIndex: 6182130 entPhysicalName: voltages 0/9/CPU0 entPhysicalIndex: 6369487 entPhysicalName: portslot 0/9/CPU0/2 entPhysicalIndex: 8392407 entPhysicalName: temperatures 0/17/CPU0 entPhysicalIndex: 8548798 entPhysicalName: 0/21/CPU0 - host entPhysicalIndex: 10735504 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 10737188 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 10738808 entPhysicalName: slot 1/1 entPhysicalIndex: 11312388 entPhysicalName: slot 7 entPhysicalIndex: 11314008 entPhysicalName: slot 3 entPhysicalIndex: 12644344 entPhysicalName: voltages 0/19/CPU0 entPhysicalIndex: 12761695 entPhysicalName: slot 24 entPhysicalIndex: 12763283 entPhysicalName: slot 20 entPhysicalIndex: 12907576 entPhysicalName: voltages 0/0/CPU0 entPhysicalIndex: 13262622 entPhysicalName: slot 16 entPhysicalIndex: 13290941 entPhysicalName: temperatures 0/16/CPU0 entPhysicalIndex: 13404457 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 13406077 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 13701859 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 13900492 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 13903700 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 13905384 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 14106204 entPhysicalName: portslot 0/8/CPU0/2 entPhysicalIndex: 14256525 entPhysicalName: voltages 0/8/CPU0 entPhysicalIndex: 14979942 entPhysicalName: slot 2/2 entPhysicalIndex: 14981562 entPhysicalName: voltages 0/2/CPU0 entPhysicalIndex: 15141782 entPhysicalName: 0/19/CPU0 entPhysicalIndex: 15873651 entPhysicalName: temperatures 0/22/CPU0 entPhysicalIndex: 15986678 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 15988234 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 15991442 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 16136999 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 16138619 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 16285636 entPhysicalName: temperatures 0/1/CPU0 entPhysicalIndex: 16287256 entPhysicalName: voltages 0/1/CPU0 entPhysicalIndex: 16606045 entPhysicalName: voltages 0/8/CPU0 entPhysicalIndex: 16607633 entPhysicalName: voltages 0/8/CPU0 entPhysicalIndex: 16733769 entPhysicalName: 0/2/CPU0 - host entPhysicalIndex: 16949774 entPhysicalName: portslot 0/0/CPU0/0 entPhysicalIndex: 17098539 entPhysicalName: temperatures 0/0/CPU0 entPhysicalIndex: 17122684 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 17124272 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 17127448 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 17205790 entPhysicalName: 0/2/CPU0 entPhysicalIndex: 17322905 entPhysicalName: temperatures 0/7/CPU0 entPhysicalIndex: 17324589 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 17595466 entPhysicalName: 0/25/CPU0 - host entPhysicalIndex: 17620307 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 17621991 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 17623611 entPhysicalName: voltages 0/7/CPU0 entPhysicalIndex: 18003523 entPhysicalName: temperatures 0/21/CPU0 entPhysicalIndex: 18237837 entPhysicalName: voltages 0/18/CPU0 entPhysicalIndex: 18571163 entPhysicalName: voltages 0/20/CPU0 ---More---show snmp group
To display the names of groups on the router, security model, status of the different views, and storage type of each group, use the show snmp group command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
This example shows sample output from the show snmp group command:
RP/0/RP0/CPU0:router# show snmp group groupname: public security model:snmpv1 readview : v1default writeview: - notifyview: v1default row status: nonVolatile groupname: public security model:snmpv2c readview : v1default writeview: - notifyview: v1default row status: nonVolatile
Table 3 show snmp group Field Descriptions Field
Definition
groupname
Name of the Simple Network Management Protocol (SNMP) group or collection of users that have a common access policy.
readview
String identifying the read view of the group.
security model
Security model used by the group, either v1, v2c, or v3.
writeview
String identifying the write view of the group.
notifyview
String identifying the notify view of the group.
row status
Settings that are set in volatile or temporary memory on the device, or in nonvolatile or persistent memory where settings remain after the device is turned off and on again.
show snmp host
To display the configured Simple Network Management Protocol (SNMP) notification recipient host, User Datagram Protocol (UDP) port number, user, and security model, use the show snmp host command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
The following example shows sample output from the show snmp host command:
RP/0/RP0/CPU0:router# show snmp host Notification host: 10.50.32.170 udp-port: 2345 type: trap user: userV3auth security model: v3 auth Notification host: 10.50.32.170 udp-port: 2345 type: trap user: userV3noauth security model: v3 noauth Notification host: 10.50.32.170 udp-port: 2345 type: trap user: userV3priv security model: v3 priv Notification host: 10.50.32.170 udp-port: 2345 type: trap user: userv2c security model: v2c
Table 4 show snmp host Field Descriptions Field
Definition
Notification host
Name or IP address of target host.
udp-port
UDP port number to which notifications are sent.
type
Type of notification configured.
user
Security level of the user.
security model
Version of SNMP used to send the trap, either v1, v2c, or v3.
show snmp interface
To display the interface index identification numbers (ifIndex values) for all the interfaces or a specified interface, use the show snmp interface command in EXEC mode.
Syntax Description
type
(Optional) Interface type. For more information, use the question mark (?) online help function.
interface-path-id
(Optional) Physical interface or virtual interface.
Note Use the show interfaces command to see a list of all interfaces currently configured on the router.
For more information about the syntax for the router, use the question mark (?) online help function.
ifindex
(Optional) Displays the ifIndex value for the specified interface.
Command Default
Enter the show snmp interface command without keywords or arguments to display the ifIndex value for all interfaces.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
This example displays the ifIndex value for a specific interface:
RP/0/RP0/CPU0:router# show snmp interface pos 0/1/0/1 ifindex ifName : POS0/1/0/1 ifIndex : 12The following example displays the ifIndex value for all interfaces:
RP/0/RP0/CPU0:router# show snmp interface ifName : Loopback0 ifIndex : 1 ifName : POS0/1/0/1 ifIndex : 12 ifName : POS0/1/4/2 ifIndex : 14 ifName : POS0/1/4/3 ifIndex : 15 ifName : POS0/6/0/1 ifIndex : 2 ifName : POS0/6/4/4 ifIndex : 18 ifName : POS0/6/4/5 ifIndex : 19 ifName : POS0/6/4/6 ifIndex : 20 ifName : Bundle-POS24 ifIndex : 4 ifName : Bundle-Ether28 ifIndex : 5 ifName : Bundle-Ether28.1 ifIndex : 7 ifName : Bundle-Ether28.2 ifIndex : 8 ifName : Bundle-Ether28.3 ifIndex : 9 ifName : MgmtEth0/RP0/CPU0/0 ifIndex : 6 ifName : MgmtEth0/RP1/CPU0/0 ifIndex : 10 ifName : GigabitEthernet0/1/5/0 ifIndex : 11 ifName : GigabitEthernet0/1/5/1 ifIndex : 13 ifName : GigabitEthernet0/1/5/2 ifIndex : 3 ifName : GigabitEthernet0/6/5/1 ifIndex : 16 ifName : GigabitEthernet0/6/5/2 ifIndex : 17 ifName : GigabitEthernet0/6/5/7 ifIndex : 21show snmp interface notification
To display the linkUp and linkDown notification status for a subset of interfaces, use the show snmp interface notification command in EXEC mode.
show snmp interface notification { subset subset-number | regular-expression expression | [ type interface-path-id ] }
Syntax Description
subset subset-number Specifies the identifier of the interface subset. The subset-number argument is configured using the snmp-server interface subset command.
regular-expression expression Specifies a subset of interfaces matching a regular expression, for which to display information.
type
(Optional) Interface type. For more information, use the question mark (?) online help function.
interface-path-id
(Optional) Physical interface or virtual interface.
Note Use the show interfaces command to see a list of all interfaces currently configured on the router.
For more information about the syntax for the router, use the question mark ( ? ) online help function.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Regular expressions have two constraints:
- Regular expressions must always be entered within double quotes to ensure that the CLI interprets each character correctly.
- All characters that are part of a regular expression are considered regular characters with no special meaning. In order to enter special characters, such as "\" or "?," they must be preceded by the backslash character "\." For example, to enter the regular expression ([A-Z][A-Z0-9]*)\b[^>]*>(.*?)</\1, you would enter ([A-Z][A-Z0-9]*)\\b[^>]*>(.*\?)</\\1.
Refer to the Understanding Regular Expressions, Special Characters, and Patterns module in Cisco IOS XR Getting Started Guide for the Cisco CRS Router for more information regarding regular expressions.
When using the subset or regular-expression keywords, the actual display might not match the configuration if there are higher priority subset-number values that actually apply to the interface. This can happen for a set of interfaces that are included in two or more configured regular expressions or where an individual interface configuration is enabled.
Task ID
Examples
The following example illustrates how to display linkUp and linkDown notification status for a subset of interfaces identified by a specific subset-number :
RP/0/RP0/CPU0:router# show snmp interface notification subset 3
This example illustrates how to display linkUp and linkDown notification status for a subset of interfaces identified by a regular expression:
RP/0/RP0/CPU0:router# show snmp interface notification regular-expression "^Gig[a-zA-Z]+[0-9/]+\."
show snmp interface regular-expression
To display interface names and indices assigned to interfaces that match a regular expression, use the show snmp interface regular-expression command in EXEC mode.
Syntax Description
expression Specifies a subset of interfaces matching a regular expression, for which to display information.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
All characters that are part of a regular expression are considered regular characters with no special meaning. In order to enter special characters, such as "\" or "?," they must be preceded by the backslash character "\." For example, to enter the regular expression ([A-Z][A-Z0-9]*)\b[^>]*>(.*?)</\1, you would enter ([A-Z][A-Z0-9]*)\\b[^>]*>(.*\?)</\\1.
Refer to the Understanding Regular Expressions, Special Characters, and Patterns module in Cisco IOS XR Getting Started Guide for the Cisco CRS Router for more information regarding regular expressions.
Task ID
Examples
This example illustrates how to display information for interfaces that match the given regular expression:
RP/0/RP0/CPU0:router# show snmp interface regular-expression "^Gig[a-zA-Z]+[0-9/]+\."show snmp mib
To display a list of MIB module object identifiers (OIDs) registered on the system, use the show snmp mib command in EXEC mode.
Syntax Description
object-name
(Optional) Specific MIB object identifier or object name.
dll
(Optional) Displays a list of all MIB DLL filenames and the OID supported by each DLL filename on the system.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.8.0
The detailed keyword was not supported.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the show snmp mib command to display a list of the MIB module instance identifiers registered on the system.
Although the show snmp mib command can be used to display a list of MIB OIDs registered on the system, the use of a Network Management System (NMS) application is the recommended alternative for gathering this information.
The show snmp mib command is intended only for network managers who are familiar with Abstract Syntax Notation One (ASN.1) syntax and the Structure of Management Information (SMI) of Open Systems Interconnection (OSI) Reference Model.
SNMP management information is viewed as a collection of managed objects residing in a virtual information store termed the MIB. Collections of related objects are defined in MIB modules. These modules are written using a subset of ASN.1 termed the SMI.
The definitions for the OIDs displayed by this command can be found in the relevant RFCs and MIB modules. For example, RFC 1907 defines the system.x, sysOREntry.x, snmp.x, and snmpTrap.x OIDs, and this information is supplemented by the extensions defined in the CISCO-SYSTEM-MIB.
Use the detailed keyword to display a list of the MIB module instance identifiers registered on the system. The output displays additional details, such as DLL and configuration information.
Use the dll keyword to display a list of the MIB modules loaded into the agent. This command can be used to find the supported MIBs.
Note
This command produces a high volume of output if SNMP is enabled on the system. To exit from a --More-- prompt, press Crtl-Z.
Task ID
Examples
The following example shows sample output from the show snmp mib command:
RP/0/RP0/CPU0:router# show snmp mib 1.3.6.1.2.1.47.1.1.1.1.2 1.3.6.1.2.1.47.1.1.1.1.3 1.3.6.1.2.1.47.1.1.1.1.4 1.3.6.1.2.1.47.1.1.1.1.5 1.3.6.1.2.1.47.1.1.1.1.6 1.3.6.1.2.1.47.1.1.1.1.7 1.3.6.1.2.1.47.1.1.1.1.8 1.3.6.1.2.1.47.1.1.1.1.9 1.3.6.1.2.1.47.1.1.1.1.10 1.3.6.1.2.1.47.1.1.1.1.11 1.3.6.1.2.1.47.1.1.1.1.12 1.3.6.1.2.1.47.1.1.1.1.13 1.3.6.1.2.1.47.1.1.1.1.14 1.3.6.1.2.1.47.1.1.1.1.15 1.3.6.1.2.1.47.1.1.1.1.16 1.3.6.1.2.1.47.1.2.1.1.2 1.3.6.1.2.1.47.1.2.1.1.3 1.3.6.1.2.1.47.1.2.1.1.4 1.3.6.1.2.1.47.1.2.1.1.5 1.3.6.1.2.1.47.1.2.1.1.6 1.3.6.1.2.1.47.1.2.1.1.7 1.3.6.1.2.1.47.1.2.1.1.8 1.3.6.1.2.1.47.1.3.1.1.1 --More-This example shows sample output from the show snmp mib command with the detailed keyword:
RP/0/RP0/CPU0:router# show snmp mib detailed Entitymib:dll=/pkg/lib/mib/libEntitymib.dll, config=Entity.mib, loaded 1.3.6.1.2.1.47.1.1.1.1.2 1.3.6.1.2.1.47.1.1.1.1.3 1.3.6.1.2.1.47.1.1.1.1.4 1.3.6.1.2.1.47.1.1.1.1.5 1.3.6.1.2.1.47.1.1.1.1.6 1.3.6.1.2.1.47.1.1.1.1.7 1.3.6.1.2.1.47.1.1.1.1.8 1.3.6.1.2.1.47.1.1.1.1.9 1.3.6.1.2.1.47.1.1.1.1.10 1.3.6.1.2.1.47.1.1.1.1.11 1.3.6.1.2.1.47.1.1.1.1.12 1.3.6.1.2.1.47.1.1.1.1.13 1.3.6.1.2.1.47.1.1.1.1.14 1.3.6.1.2.1.47.1.1.1.1.15 1.3.6.1.2.1.47.1.1.1.1.16 1.3.6.1.2.1.47.1.2.1.1.2 1.3.6.1.2.1.47.1.2.1.1.3 1.3.6.1.2.1.47.1.2.1.1.4 1.3.6.1.2.1.47.1.2.1.1.5 1.3.6.1.2.1.47.1.2.1.1.6 1.3.6.1.2.1.47.1.2.1.1.7 1.3.6.1.2.1.47.1.2.1.1.8 --More--This example shows sample output from the show snmp mib command with the dll keyword:
RP/0/RP0/CPU0:router# show snmp mib dll Entitymib:dll=/pkg/lib/mib/libEntitymib.dll, config=Entity.mib, loaded bgp4mib:dll=/pkg/lib/mib/libbgp4mib.dll, config=bgp4.mib, loaded cdpmib:dll=/pkg/lib/mib/libcdpmib.dll, config=cdp.mib, loaded ciscoprocessmib:dll=/pkg/lib/mib/libciscoprocessmib.dll, config=ciscoprocess.mib, loaded ciscosyslogmib:dll=/pkg/lib/mib/libciscosyslogmib.dll, config=ciscosyslog.mib, loaded ciscosystemmib:dll=/pkg/lib/mib/libciscosystemmib.dll, config=ciscosystem.mib, loaded confcopymib:dll=/pkg/lib/mib/libconfcopymib.dll, config=confcopy.mib, loaded configmanmib:dll=/pkg/lib/mib/libconfigmanmib.dll, config=configman.mib, loaded dot3admib:dll=/pkg/lib/mib/libdot3admib.dll, config=dot3ad.mib, loaded fabhfrmib:dll=/pkg/lib/mib/libfabhfrmib.dll, config=fabhfr.mib, loaded fabmcastapplmib:dll=/pkg/lib/mib/libfabmcastapplmib.dll, config=fabmcastappl.mib, loaded fabmcastmib:dll=/pkg/lib/mib/libfabmcastmib.dll, config=fabmcast.mib, loaded flashmib:dll=/pkg/lib/mib/libflashmib.dll, config=flash.mib, loaded hsrpmib:dll=/pkg/lib/mib/libhsrpmib.dll, config=hsrp.mib, loaded icmpmib:dll=/pkg/lib/mib/libicmpmib.dll, config=icmp.mib, loaded ifmib:dll=/pkg/lib/mib/libifmib.dll, config=if.mib, loaded ipmib:dll=/pkg/lib/mib/libipmib.dll, config=ip.mib, loaded mempoolmib:dll=/pkg/lib/mib/libmempoolmib.dll, config=mempool.mib, loaded mplsldpmib:dll=/pkg/lib/mib/libmplsldpmib.dll, config=mplsldp.mib, loaded . . .show snmp request duplicates
To display the number of duplicate protocol data unit (PDU) requests dropped by the SNMP agent, use the show snmp request duplicates command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
show snmp users
To display information about the configured characteristics of Simple Network Management Protocol (SNMP) users, use the show snmp users command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
An SNMP user must be part of an SNMP group, as configured using the snmp-server user command.
Use the show snmp users command to display information about all configured users.
When configuring SNMP, you may see the logging message “Configuring snmpv3 USM user.” USM stands for the User-Based Security Model (USM) for SNMP Version 3 (SNMPv3). For further information about USM, see RFC 3414, User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3).
Task ID
Examples
This example shows sample output from the show snmp users command:
RP/0/RP0/CPU0:router# show snmp users User name:user1 Engine ID:localSnmpID storage-type:nonvolatile active
Table 6 show snmp users Field Descriptions Field
Definition
User name
String identifying the name of the SNMP user.
Engine ID
String identifying the name of the copy of SNMP on the device.
storage-type
Settings that are set in volatile or temporary memory on the device, or in nonvolatile or persistent memory where settings remain after the device is turned off and on again.
show snmp view
To display the configured views and the associated MIB view family name, storage type, and status, use the show snmp view command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
This example shows sample output from the show snmp view command:
RP/0/RP0/CPU0:router# show snmp view view1 1.3 - included nonVolatile active v1default 1.3.6.1 - included nonVolatile activesnmp-server chassis-id
To provide a message line identifying the Simple Network Management Protocol (SNMP) server serial number, use the snmp-server chassis-id command in global configuration mode. To restore the default value, if any, use the no form of this command.
Syntax Description
Command Default
On hardware platforms, where the serial number can be read by the device, the default is the serial number. For example, some Cisco devices have default chassis ID values of their serial numbers.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server chassis-id command to provide a message line identifying the SNMP server serial number.
The chassis ID message can be displayed with the show snmp command.
Task ID
snmp-server community
To configure the community access string to permit access to the Simple Network Management Protocol (SNMP), use the snmp-server community command in global configuration mode. To remove the specified community string, use the no form of this command.
snmp-server community [ clear | encrypted ] community-string [ view view-name ] [ RO | RW ] [ SDROwner | SystemOwner ] [access-list-name]
no snmp-server community community-string
Syntax Description
clear
(Optional) Specifies that the entered community-string is clear text and should be encrypted when displayed by the show running command.
encrypted
(Optional) Specifies that the entered community-string is encrypted text and should be displayed as such by the show running command.
community-string
Community string that acts like a password and permits access to the SNMP protocol. The maximum length of the community-string argument is 32 alphabetic characters.
If the clear keyword was used, community-string is assumed to be clear text. If the encrypted keyword was used, community-string is assumed to be encrypted. If neither was used, community-string is assumed to be clear text.
view view-name
(Optional) Specifies the name of a previously defined view. The view defines the objects available to the community.
RO
(Optional) Specifies read-only access. Authorized management stations are able only to retrieve MIB objects.
RW
(Optional) Specifies read-write access. Authorized management stations are able both to retrieve and to modify MIB objects.
SDROwner
(Optional) Limits access to the owner service domain router (SDR).
SystemOwner
(Optional) Provides system-wide access including access to all non-owner SDRs.
access-list-name
(Optional) Name of an access list of IP addresses allowed to use the community string to gain access to the SNMP agent.
Command Default
By default, an SNMP community string permits read-only access to all MIB objects.
By default, a community string is assigned to the SDR owner.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.3.0
The optional keywords LROwner and SystemOwner were added.
Release 3.6.0
The LROwner keyword was changed to SDROwner .
The clear and encrypted keywords were added.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server community command to configure the community access string to permit access to SNMP.
To remove the specified community string, use the no form of this command.
Use the clear keyword to specify that the clear text community string you enter is displayed encrypted in the show running command output. To enter an encrypted string, use the encrypted keyword. To enter a clear text community string that is not encrypted by the system, use neither of these keywords.
When the snmp-server community command is entered with the SDROwner keyword, SNMP access is granted only to the MIB object instances in the owner SDR.
When the snmp-server community command is entered with the SystemOwner keyword, SNMP access is granted to all SDRs in the system.
Note
In a non-owner SDR, a community name provides access only to the object instances that belong to that SDR, regardless of the access privilege assigned to the community name. Access to the owner SDR and system-wide access privileges are available only from the owner SDR.
Task ID
Examples
This example shows how to assign the string comaccess to SNMP, allowing read-only access, and to specify that IP access list 4 can use the community string:
RP/0/RP0/CPU0:router(config)# snmp-server community comaccess ro 4The following example shows how to assign the string mgr to SNMP, allowing read-write access to the objects in the restricted view:
RP/0/RP0/CPU0:router(config)# snmp-server community mgr view restricted rwThis example shows how to remove the community comaccess:
RP/0/RP0/CPU0:router(config)#no snmp-server community comaccesssnmp-server community-map
To associate a Simple Network Management Protocol (SNMP) community with an SNMP context, security name, or a target-list use the snmp-server community-map command in global configuration mode. To change an SNMP community mapping to its default mapping, use the no form of this command.
snmp-server community-map [ clear | encrypted ] community-string [ context context-name ] [ security-name security-name ] [ target-list target ]
no snmp-server community-map [ clear | encrypted ] community-string
Syntax Description
clear
(Optional) Specifies that the community-string argument is clear text.
encrypted
(Optional) Specifies that the community-string argument is encrypted text.
community-string
Name of the community.
context context-name
(Optional) Name of the SNMP context to which this community name is to be mapped.
security-name security-name
(Optional) Security name for this community. By default, the string is the security name.
target-list target
(Optional) Name of the target list for this community.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server community-map command to map an SNMPv1 or SNMPv2c community name to one or more of the following:
- context name—Maps a community name to a specific SNMP context name. This allows MIB instances in an SNMP context to be accessed through SNMPv1 or SNMPv2c using this community name.
- security name—By default, the community name is used to authenticate SNMPv1 and SNMPv2c. Configure a security name for a community name to override the default and authenticate SNMP with the security name.
- target—Target list identifies a list of valid hosts from which SNMP access can be made using a specific security name. When such mapping is done for a particular community name, SNMP access is allowed only from hosts included in the target list.
Use the clear keyword to specify that the clear text community string you enter is displayed encrypted in the show running command output. To enter an encrypted string, use the encrypted keyword. To enter a clear text community string that is not encrypted by the system, use neither of these keywords.
Task ID
Examples
This example maps the community name “sample 2” to the SNMP context name “sample1”:
RP/0/RP0/CPU0:router(config)# snmp-server community-map sample2 context sample1snmp-server contact
To set the Simple Network Management Protocol (SNMP) system contact, use the snmp-server contact command in global configuration mode. To remove the system contact information, use the no form of this command.
Syntax Description
system-contact-string
String that describes the system contact information. The maximum string length is 255 alphanumeric characters.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server contact command to set the system contact string. Use the no form of this command to remove the system contact information.
Task ID
snmp-server context
To create a Simple Network Management Protocol (SNMP) context, use the snmp-server context command in global configuration mode. To remove an SNMP context, use the no form of this command.
Syntax Description
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
This command creates an SNMP context. By default, all the SNMP MIB instances are in a default context. Create an SNMP context and map it to a particular feature to enable similar instances of the same object to co-exist in different SNMP contexts.
Task ID
Examples
This example creates a new SNMP context named “sample1”:
RP/0/RP0/CPU0:router(config)# snmp-server context sample1Related Commands
Command
Description
snmp-server community-map Associates an SNMP community with an SNMP context, security name, or a target list.
Configures the VRF properties of SNMP.
snmp-server engineid local
To specify Simple Network Management Protocol (SNMP) engine ID on the local device, use the snmp-server engineid local command in global configuration mode. To return the engine ID to the default, use the no form of this command.
Syntax Description
engine-id
Character string that identifies the engine ID. Consists of up to 24 characters in hexadecimal format. Each hexadecimal number is separated by a colon (:).
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
This example shows how to configure the SNMP engine ID on the local device:
RP/0/RP0/CPU0:Router(config)# snmp-server engineID local 00:00:00:09:00:00:00:a1:61:6c:20:61snmp-server engineid remote
To specify a Simple Network Management Protocol (SNMP) engine ID on a remote device, use the snmp-server engineid remote command in global configuration mode. To return the engine ID to the default, use the no form of this command.
snmp-server engineid remote ip-address engine-id udp-port port
no snmp-server engineid remote ip-address engine-id udp-port port
Syntax Description
ip-address IP address of remote SNMP notification host
engine-id Character string that identifies the engine ID. Consists of up to 24 characters in hexadecimal format. Each hexadecimal number is separated by a colon (:).
udp-port port (Optional) Specifies the User Datagram Protocol (UDP) port of the host to use. Range is from 1 to 65535. The default UDP port is 161.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
This example shows how to configure the SNMP engine ID on the local device:
RP/0/RP0/CPU0:Router(config)# snmp-server engineID remote 172.16.4.1 00:00:00:09:00:00:00:a1:61:6c:20:61snmp-server entityindex persist
To enable the persistent storage of ENTITY-MIB data across process restarts, switchovers, and device reloads, use the snmp-server entityindex persist command in global configuration mode. To disable the persistent storage of ENTITY-MIB data, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
Example
This example illustrates how to enable persistent storage of ENTITY-MIB indices:
RP/0/RP0/CPU0:router(config)# snmp-server entityindex persistsnmp-server group
To configure a new Simple Network Management Protocol (SNMP) group, or a table that maps SNMP users to SNMP views, use the snmp-server group command in global configuration mode. To remove a specified SNMP group, use the no form of this command.
snmp-server group name { v1 | v2c | v3 { auth | noauth | priv } } [ read view ] [ write view ] [ notify view ] [ context context-name ] [access-list-name]
no snmp-server group name
Syntax Description
name
Name of the group.
v1
Specifies a group that uses the SNMPv1 security model. The SNMP v1 security model is the least secure of the possible security models.
v2c
Specifies a group that uses the SNMPv2c security model. The SNMPv2c security model is the second least secure of the possible security models.
v3
Specifies a group that uses the SNMPv3 security model. The SNMP v3 security is the most secure of the possible security models.
auth
Specifies authentication of a packet without encrypting it.
noauth
Specifies no authentication of a packet.
priv
Specifies authentication of a packet with encryption.
read view
(Optional) Specifies a read view string (not to exceed 64 characters) that is the name of the view that allows only the contents of the agent to be viewed.
write view
(Optional) Specifies a write view string (not to exceed 64 characters) that is the name of the view used to enter data and configure the contents of the agent.
notify view
(Optional) Specifies a notify view string (not to exceed 64 characters) that is the name of the view used to specify a notify or trap.
context context-name
(Optional) Specifies the SNMP context to associate with this SNMP group and associated views.
access-list-name
(Optional) Access list string (not to exceed 64 characters) that is the name of the access list.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The access keyword was removed.
Release 3.3.0
Support was added for the context context-name keyword and argument.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
This table describes the default values for the different views:
Table 7 snmp-server group Default DescriptionsDefault
Definition
read view
Assumed to be every object belonging to the Internet (1.3.6.1) object identifier (OID) space, unless the user uses the read option to override this state.
write view
Nothing is defined for the write view (that is, the null OID). You must configure write access.
notify view
Nothing is defined for the notify view (that is, the null OID). If a view is specified, any notifications in that view that are generated are sent to all users associated with the group (provided an SNMP server host configuration exists for the user).
Configuring Notify Views
Do not specify a notify view when configuring an SNMP group for the following reasons:
- The snmp-server host command autogenerates a notify view for the user, and then adds it to the group associated with that user.
- Modifying the notify view of the group affects all users associated with that group.
The notify view option is available for two reasons:
- If a group has a notify view that is set using SNMP, you may need to change the notify view.
- The snmp-server host command may have been configured before the snmp-server group command. In this case, reconfigure the snmp-server host command or specify the appropriate notify view.
Instead of specifying the notify view for a group as part of the snmp-server group command, use the following commands in global configuration mode:
Working with Passwords and Digests
No default values exist for authentication or privacy algorithms when this command is configured. In addition, no default passwords exist. The minimum length for a password is one character, although we recommend using eight characters for security. A plain-text password or localized Message Digest 5 (MD5) password can be specified. Forgotten passwords cannot be recovered, and the user must be reconfigured.
SNMP Contexts
SNMP contexts provide Virtual Private Network (VPN) users with a secure way of accessing MIB data. When a VPN is associated with a context, that VPN’s specific MIB data exists in that context. Associating a VPN with a context enables service providers to manage networks with multiple VPNs. Creating and associating a context with a VPN enables a provider to prevent the users of one VPN from accessing information about users of other VPNs on the same networking device.
Task ID
Examples
The following example shows how to configure an SNMP version 3 group named group1 that requires the authentication of packets with encryption:
RP/0/RP0/CPU0:router(config)# snmp-server group group1 v3 privsnmp-server host
To specify the recipient of a Simple Network Management Protocol (SNMP) notification operation, use the snmp-server host command in global configuration mode. To remove the specified host, use the no form of this command.
snmp-server host address [ clear | encrypted ] [informs] [traps] [ version { 1 | 2c | 3 { auth | noauth | priv } } ] community-string [ udp-port port ] [notification-type]
no snmp-server host address [ clear | encrypted ] [informs] [traps] [ version { 1 | 2c | 3 { auth | noauth | priv } } ] community-string [ udp-port port ] [notification-type]
Syntax Description
Command Default
This command is disabled by default. No notifications are sent.
The default UDP port is 161.
When this command is entered without keywords, the default is to send all trap types to the host.
If no version keyword is entered, the default is version 1.
If version 3 is specified, but the security level is not specified, the default security level is noauth.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 4.1.0
The informs keyword was added.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
SNMP notifications can be sent as traps. Traps are unreliable because the receiver does not send acknowledgments when it receives traps. The sender cannot determine if the traps were received. Traps are discarded as soon as they are sent. Traps are also sent only once.
When the snmp-server host command is not entered, no notifications are sent. To configure the device to send SNMP notifications, configure at least one snmp-server host command. When the command is entered without keywords, all trap types are enabled for the host.
To enable multiple hosts, issue a separate snmp-server host command for each host. You can specify multiple notification types in the command for each host.
When multiple snmp-server host commands are given for the same host and kind of notification (trap), each succeeding snmp-server host command overwrites the previous command. Only the last snmp-server host command is in effect. For example, if an snmp-server host command with the traps keyword is entered for a host and then another command with the traps keyword is entered for the same host, the second command replaces the first.
Either a host name or IP address can be used to specify the host.
The snmp-server host command is used with the snmp-server engineid command. Use the snmp-server traps command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server traps command and the snmp-server host command for that host must be enabled.
However, some notification types cannot be controlled with the snmp-server traps command. For example, some notification types are always enabled. Other notification types are enabled by a different command.
The availability of a notification-type depends on the device type and Cisco software features supported on the device.
To display which notification types are available on the system, use the question mark (?) online help function at the end of the snmp-server host command.
The no snmp-server host command used with no keywords disables traps.
Use the clear keyword to specify that the clear text community string you enter is displayed encrypted in the show running command output. To enter an encrypted string, use the encrypted keyword. To enter a clear text community string that is not encrypted by the system, use neither of these keywords.
If the informs keyword is used, the SNMP version can be only SNMPv2C or SNMPv3.
Task ID
Examples
This example shows how to send RFC 1157 SNMP traps to the host specified by the name myhost.cisco.com. Other traps are enabled, but only SNMP traps are sent because only the snmp keyword is specified in the snmp-server host command. The community string is defined as comaccess.
RP/0/RP0/CPU0:router(config)# snmp-server traps RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com comaccess snmpThis example shows how to send the SNMP traps to address 172.30.2.160:
RP/0/RP0/CPU0:router(config)# snmp-server traps snmp RP/0/RP0/CPU0:router(config)# snmp-server host 172.30.2.160 public snmpThis example shows how to enable the router to send all traps to the host, myhost.cisco.com, using the community string public:
RP/0/RP0/CPU0:router(config)# snmp-server traps RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com publicThis example shows how to prevent traps from being sent to any host. The BGP traps are enabled for all hosts, but only the configuration traps are enabled to be sent to a host.
RP/0/RP0/CPU0:router(config)# snmp-server traps bgp RP/0/RP0/CPU0:router(config)# snmp-server host hostabc public configThis example shows how to send SNMPv3 informs to a host:
RP/0/RP0/CPU0:router(config)# snmp-server host 172.30.2.160 informs version 3snmp-server ifindex persist
To enable ifIndex persistence globally on all Simple Network Management Protocol (SNMP) interfaces, use the snmp-server ifindex persist command in global configuration mode. To disable global interface persistence, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server ifindex persist command to enable ifIndex persistence on all interfaces that have entries in the ifIndex table of the IF-MIB. When enabled, this command retains the mapping between the ifName object values and the ifIndex object values (generated from the IF-MIB) persistent during reloads, allowing for consistent identification of specific interfaces using SNMP. Applications such as device inventory, billing, and fault detection depend on this feature.
Task ID
Examples
This example shows how to enable ifIndex persistence globally:
RP/0/RP0/CPU0:router(config)# snmp-server ifindex persistsnmp-server ifmib ifalias long
To enable the ifAlias IF-MIB object to accept an interface alias name that exceeds the 64-byte default, use the snmp-server ifmib ifalias long command. Use the no form of this command to revert to the default length.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server ifmib ifalias long command to enable the IF-MIB object ifAlias to accept an interface alias name that is greater than 64 bytes in length. The default length for the alias name is 64 bytes.
Task ID
snmp-server ifmib stats cache
To enable retrieval of cached statistics instead of real-time statistics, use the snmp-server ifmib stats cache command. To revert to the default, use the no form of this command.
Command History
Release
Modification
Release 3.3.2
This command was introduced.
Release 3.4.0
This command was not supported.
Release 3.5.0
This command was supported
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Cisco IOS XR statistics infrastructure maintains a cache of statistics for all interfaces. This cache is updated every 30 seconds. Use the snmp-server ifmib stats cache command to enable the IF-MIB to retrieve these cached statistics rather than real-time statistics. Accessing cached statistics is less CPU-intensive than accessing real-time statistics.
Task ID
snmp-server inform
To configure Simple Network Management Protocol (SNMP) inform message options, use the snmp-server inform command in global configuration mode. To revert to the default informs options, use the no form of this command.
snmp-server inform { pending max-no | retries no-retries | timeout seconds }
no snmp-server inform { pending max-no | retries no-retries | timeout seconds }
Syntax Description
pending max-no Specifies the maximum number of inform messages to hold in the queue. The default is 25.
retries no-retries Specifies the retry count for inform messages. Values can be from 1 to 100. The default is three.
timeout seconds Specifies the inform message timeout value in seconds. The default is 15.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
To enable the sending of SNMP inform messages, use the snmp-server host command with the informs keyword. When SNMP server informs are enabled, the SNMP version can be only SNMPv2C or SNMPv3.
Task ID
Examples
This example shows how to configure SNMP inform messages:
RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com informs comaccess RP/0/RP0/CPU0:router(config)# snmp-server inform pending 40 RP/0/RP0/CPU0:router(config)# snmp-server inform retries 10snmp-server interface
To enable an interface to send Simple Network Management Protocol (SNMP) trap notifications and enter SNMP interface configuration mode, use the snmp-server interface command in global configuration mode. To disable the sending of SNMP trap notifications on an interface, use the no form of this command.
Syntax Description
type
Interface type. For more information, use the question mark (?) online help function.
interface-path-id
Physical interface or virtual interface.
Note Use the show interfaces command to see a list of all interfaces currently configured on the router.
For more information about the syntax for the router, use the question mark (?) online help function.
Command Default
Ethernet interfaces are enabled to send SNMP trap notifications. SNMP trap notifications are disabled on all other physical and logical interfaces.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The following keywords were removed:
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp-server interface command enters SNMP interface configuration mode for you to configure the available SNMP options.
NoteIn references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RP0 or RP1) and the module is CPU0. Example: interface MgmtEth0/RP1/CPU0/0.
Task ID
Examples
This example shows how to assign ifIndex persistence on Packet-over-SONET/SDH (POS) interface 0/0/1/0:
RP/0/RP0/CPU0:router(config)# snmp-server interface pos 0/0/1/0 RP/0/RP0/CPU0:router(config-snmp-if)#snmp-server interface subset
To enter snmp-server interface subset configuration mode for a set of interfaces, use the snmp-server interface subset command in global configuration mode. To revert to the default interface settings, use the no form of this command.
snmp-server interface subset subset-number regular-expression expression
no snmp-server interface subset subset-number
Syntax Description
subset-number Identifying number of the interface subset, which also indicates its relative priority.
regular-expression expression Specifies for which subset of interfaces to enter snmp-server interface subset configuration mode. The expression argument must be entered surrounded by double quotes.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The subset-number argument is used to set the priority for an interface that matches more than one configured regular expressions. Lower values of the subset-number have a higher priority. If a single interface becomes part of a multiple-interface configured regular expression, the configuration with the lower subset-number value is applied.
Regular expressions have two constraints:
- Regular expressions must always be entered within double quotes to ensure that the CLI interprets each character correctly.
- All characters that are part of a regular expression are considered regular characters with no special meaning. In order to enter special characters, such as "\" or "?," they must be preceded by the backslash character "\." For example, to enter the regular expression ([A-Z][A-Z0-9]*)\b[^>]*>(.*?)</\1, you would enter ([A-Z][A-Z0-9]*)\\b[^>]*>(.*\?)</\\1.
Refer to the Understanding Regular Expressions, Special Characters, and Patterns module in Cisco IOS XR Getting Started Guide for the Cisco CRS Router for more information regarding regular expressions.
From the snmp-server interface mode of a subset of interfaces, SNMP linkUp and linkDown notifications can be enabled or disabled using the notification linkupdown disable command.
Task ID
Examples
This example illustrates how to configure all Gigabit Ethernet interfaces:
RP/0/RP0/CPU0:router# config RP/0/RP0/CPU0:router(config)# snmp-server int subset 2 regular-expression "^Gig[a-zA-Z]+[0-9/]+\." RP/0/RP0/CPU0:router(config-snmp-if-subset)#snmp-server ipv4 dscp
To mark packets with a specific differentiated services code point (DSCP) value, use the snmp-server ipv4 dscp command in global configuration mode. To remove matching criteria, use the no form of this command.
Syntax Description
value
Value of the DSCP. The DSCP value can be a number from 0 to 63, or it can be one of the following keywords: default, ef, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, cs6, cs7.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server ipv4 dscp command to specify an IP DSCP value to give SNMP traffic higher or lower priority in your network.
Task ID
snmp-server ipv4 precedence
To mark packets with a specific precedence level to use for packet matching, use the snmp-server ipv4 precedence command in global configuration mode. To restore the system to its default interval values, use the no form of this command.
Syntax Description
value
Value of the precedence. The precedence value can be a number from 0 to 7, or it can be one of the following keywords:
- critical
Set packets with critical precedence (5)
- flash
Set packets with flash precedence (3)
- flash-override
Set packets with flash override precedence (4)
- immediate
Set packets with immediate precedence (2)
- internet
Set packets with internetwork control precedence (6)
- network
Set packets with network control precedence (7)
- priority
Set packets with priority precedence (1)
- routine
Set packets with routine precedence (0)
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server ipv4 precedence command to specify an IP Precedence value to give SNMP traffic higher or lower priority in your network.
Task ID
snmp-server location
To specify the system location for Simple Network Management Protocol (SNMP), use the snmp-server location command in global configuration mode. To remove the location string, use the no form of this command.
Syntax Description
system-location
String indicating the physical location of this device. The maximum string length is 255 alphanumeric characters.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
snmp-server mibs cbqosmib cache
To enable and configure caching of the QoS MIB statistics, use the snmp-server mibs cbqosmib cache command in global configuration mode. To disable caching, use the no form of this command.
snmp-server mibs cbqosmib cache { refresh time time | service-policy count count }
no snmp-server mibs cbqosmib cache [ refresh time time | service-policy count count ]
Syntax Description
refresh Enables QoS MIB caching with a specified cache refresh time.
time time Specifies the cache refresh time, in seconds. The time argument can be between 5 and 60. The default is 30.
service-policy Enables QoS MIB caching with a limited number of service policies to cache.
count count Specifies the maximum number of service policies to cache. The count argument can be between 1 and 5000.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
Example
This example illustrates how to enable QoS MIB caching with a refresh time:
RP/0/RP0/CPU0:router(config)# snmp-server mibs cbqosmib cache refresh time 45This example illustrates how to enable QoS MIB caching with a service policy count limitation:
RP/0/RP0/CPU0:router(config)# snmp-server mibs cbqosmib cache service-policy count 10snmp-server mibs cbqosmib persist
To enable persistent storage of the CISCO-CLASS-BASED-QOS-MIB data across process restarts, switchovers, and device reloads, use the snmp-server mibs cbqosmib persist command in global configuration mode. To disable persistent storage of the MIB data, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
Example
This example illustrates how to enable persistent storage of CISCO-CLASS-BASED-QOS-MIB data:
RP/0/RP0/CPU0:router(config)# snmp-server mibs cbqosmib persistsnmp-server mibs eventmib packet-loss
To configure the generation of SNMP traps when packet loss exceeds configured thresholds, use the snmp-server mibs eventmib packet-loss command in global configuration mode. To restore the default values, use the no form of this command.
snmp-server mibs eventmib packet-loss type interface-path-id falling lower-threshold interval sampling-interval rising upper-threshold
no snmp-server mibs eventmib packet-loss type interface-path-id
Syntax Description
type Interface type. For more information, use the question mark (?) online help function.
interface-path-id Physical interface or virtual interface.
Note Use the show interfaces command to see a list of all interfaces currently configured on the router.
For more information about the syntax for the router, use the question mark (?) online help function.
falling lower-threshold
Specifies the lower threshold for which to determine whether an mteTriggerFalling SNMP Trap is generated.
interval sampling-interval
Specifies how often the packet loss statistics are polled. The interval argument, in minutes, can be between 5 and 1440; it must be a multiple of 5.
rising upper-threshold
Specifies the upper threshold for which to determine whether an mteTriggerRising SNMP Trap is generated.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Note
A maximum of 100 interfaces can be monitored for packet loss.
Packet loss configurations using the snmp-server mibs eventmib packet-loss command cannot be modified using SNMP SET and vice versa.
When the packet loss between two intervals increases above the upper-threshold argument, an mteTriggerRising SNMP trap is generated. This trap is not generated until the packet loss drops below the lower threshold and then rises above the upper threshold.
When the packet loss between two intervals falls below the lower-threshold argument, and an SNMP mteTriggerRising trap was generated previously, an SNMP mteTriggerFalling trap is generated. The mteTriggreRising trap is not generated until the packet loss goes above the upper threshold and then falls back below the lower threshold.
The lower-threshold value (falling) should be set to a value less than or equal to the upper-threshold value (rising).
The snmp-server mibs eventmib packet-loss command is configured on a specific interface and is supported on the following cards:
- 8-port 10 Gigabit Ethernet PLIM
- 16-port OC-48c/STM-16 POS/DPT PLIM
- 1-port OC-768c/STM-256 POS PLIM
- 4-port OC-192c/STM-64 POS/DPT PLIM
- All Ethernet SPAs
- 2-port and 4-port OC-3c/STM-1 POS SPAs
- 2-port, 4-port, and 8-port OC-12c/STM-4 POS SPAs
- 2-port and 4-port OC-48c/STM-16 POS/RPR SPAs
- 1-port OC-192c/STM-64 POS/RPR SPA
snmp-server notification-log-mib
To configure the NOTIFICATION-LOG-MIB, use the snmp-server notification-log-mib command in global configuration mode. To remove the specified configuration, use the no form of this command.
snmp-server notification-log-mib { globalAgeOut time | globalSize size | default | disable | size size }
no snmp-server notification-log-mib { globalAgeOut | globalSize | default | disable | size }
Syntax Description
globalAgeOut time
Specifies how much time, in minutes, a notification remains in the log. Values for the time argument can range from 0 to 4294967295; the default is 15.
globalSize size
Specifies the maximum number of notifications that can be logged in all logs. The default is 500.
default
Specifies to create a default log.
disable
Specifies to disable logging to the default log.
size size
Specifies the maximum number of notifications that the default log can hold. The default is 500.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Logging of NOTIFICATION-LOG-MIB notifications begins when the default log is created. Named logs are not supported, therefore only the default log can be created.
Task ID
Examples
The following example creates a default log for notifications:
RP/0/RP0/CPU0:router(config)# snmp-server notification-log-mib defaultThis example removes the default log:
RP/0/RP0/CPU0:router(config)# no snmp-server notification-log-mib defaultThis example configures the size of all logs to be 1500:
RP/0/RP0/CPU0:router(config)# snmp-server notification-log-mib globalSize 1500snmp-server packetsize
To establish control over the largest Simple Network Management Protocol (SNMP) packet size permitted when the SNMP server is receiving a request or generating a reply, use the snmp-server packetsize command in global configuration mode. To restore the default value, use the no form of this command.
Syntax Description
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server packetsize command to establish control over the largest SNMP packet size permitted when the SNMP server is receiving a request or generating a reply.
Task ID
snmp-server queue-length
To establish the message queue length for each trap host for Simple Network Management Protocol (SNMP), use the snmp-server queue-length command in global configuration mode. To restore the default value, use the no form of this command.
Syntax Description
length
Integer that specifies the number of trap events that can be held before the queue must be emptied. Range is from 1 to 5000.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server queue-length command to define the length of the message queue for each trap host. After a trap message is successfully sent, Cisco IOS XR software continues to empty the queue at a throttled rate to prevent trap flooding.
Task ID
snmp-server target list
To create a Simple Network Management Protocol (SNMP) target list, use the snmp-server target list command in global configuration mode. To remove an SNMP target list, use the no form of this command.
snmp-server target list target-list { vrf vrf-name | host hostname }
no snmp-server target list target-list
Syntax Description
target-list
Name of the target list.
vrf vrf-name
Specifies the name of the VRF hosts included in the target list.
host hostname
Assigns a hostname to the target list. The hostname variable is a name or IP address.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use this command to create an SNMP target list and assign hosts to the list. When a target list is mapped to a community name using the snmp-server community-map command, SNMP access is restricted to the hosts in the target list (for that community name).
Task ID
Examples
In this example, a new target list “sample3” is created and assigned to the vrf server “server2:”
RP/0/RP0/CPU0:router(config)# snmp-server target list sample3 vrf server2snmp-server throttle-time
To specify the throttle time for handling incoming Simple Network Management Protocol (SNMP) messages, use the snmp-server throttle-time command in global configuration mode. To restore the throttle time to its default value, use the no form of this command.
Syntax Description
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
In the following example, the throttle time is set to 500 milliseconds:
RP/0/RP0/CPU0:router(config)# snmp-server throttle-time 500snmp-server timeouts subagent
To change the timeout used by the SNMP agent while it waits for a response from a subagent, use the snmp-server timeouts subagent command in global configuration mode. SNMP subagents are feature-specific entities that register with the SNMP agent and implement sets of MIB objects.
Syntax Description
timeout
The timeout used by the SNMP agent when waiting for a response from a MIB module, in seconds. The default is 10.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
snmp-server trap authentication vrf disable
To disable authentication traps on VPNs, use the snmp-server trap authentication vrf disable command in global configuration mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
This example illustrates how to disable authentication traps on VPNs:
RP/0/RP0/CPU0:router(config)# snmp-server trap authentication vrf disablesnmp-server trap link ietf
To enable the varbind used for linkUp and linkDown SNMP traps to utilize the RFC 2863 standard varbind, use the snmp-server trap link ietf command in global configuration mode. To restore the default value, use the no form of this command..
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
For more information about linkUP and linkDown notifications, see RFC 2863, The Interface Group MIB, and RFC 3418, Management Information Base (MIB) for the Simple Network Management Protocol (SNMP).
Task ID
Examples
This example shows how to enable the RFC 2863 standard varbind:
RP/0/RP0/CPU0:router# snmp-server trap link ietfRelated Commands
snmp-server trap throttle-time
To specify the throttle time for handling more Simple Network Management Protocol (SNMP) traps, use the snmp-server trap throttle-time command in global configuration mode. To restore the throttle time to its default value, use the no form of this command.
Syntax Description
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
Examples
In the following example, the trap throttle time is set to 500 milliseconds:
RP/0/RP0/CPU0:router(config)# snmp-server trap throttle-time 500snmp-server traps
To enable Simple Network Management Protocol (SNMP) trap notifications, use the snmp-server traps command in global configuration mode. To disable SNMP notifications, use the no form of this command.
Syntax Description
notification-type
(Optional) Type of notification (trap) to enable or disable. If no type is specified, all notifications available on the device are enabled or disabled.
The notification type can be one or more of the following keywords:
- bfd
Enables Bidirectional Forwarding Detection (BFD) traps.
- bgp
Enables BGP4-MIB and CISCO-BGP4-MIB traps.
- bridgemib
Enables SNMP traps for the Bridge MIB.
- config
Controls configuration notifications, as defined in the CISCO-CONFIG-MAN-MIB (enterprise 1.3.6.1.4.1.9.9.43.2). The notification type is: (1) ciscoConfigManEvent.
- copy-complete
Enables CISCO-CONFIG-COPY-MIB ccCopyCompletion traps.
- ds1
Enables SNMP Cisco DS1 traps.
- ds2
Enables SNMP Cisco DS2 traps.
- entity
Controls Entity MIB modification notifications. This notification type is defined in the ENTITY-MIB (enterprise 1.3.6.1.2.1.47.2) as: (1) entConfigChange.
- ethernet
Enables Ethernet link OAM and 802.1ag connectivity fault management traps.
- fabric bundle
Enables SNMP fabric bundle traps.
- fabric plane
Enables SNMP fabric plane state-change traps.
- flash insertion
Enables ciscoFlashDeviceInsertedNotif.
- flash removal
Enables ciscoFlashDeviceRemovedNotif.
- fru-ctrl
Enables SNMP entity field-replaceable unit (FRU) control traps.
- hsrp
Enables SNMP HSRP traps.
- ipsec tunnel start
Enables SNMP IPsec tunnel start traps.
- ipsec tunnel stop
Enables SNMP IPsec tunnel stop traps.
- isakmp
Enables ISAKMP traps.
- l2vpn all
Enables all Layer 2 VPN traps.
- l2vpn vc-down
Enables Layer 2 VPN VC down traps.
- l2vpn vc-up
Enables Layer 2 VPN VC up traps.
- mpls frr all
Enables all MPLS fast reroute MIB traps.
- mpls frr protected
Enables MPLS fast reroute tunnel protected traps.
- mpls ldp
Enables SNMP Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) traps.
- mpls traffic-eng
Enables SNMP MPLS traffic engineering traps.
- msdp peer-state-change
Enables SNMP MSDP Peer state change traps.
- ntp
Enables SNMP Cisco NTP traps.
- otn
Enables SNMP Cisco optical transport network (OTN) traps.
- pim
Enables SNMP PIM traps.
- rf
Enables RF-MIB traps.
- sensor
Enables SNMP entity sensor traps.
- snmp
Enables SNMP traps.
- sonet
Enables SONET traps.
- syslog
Controls error message notifications (Cisco-syslog-MIB). Specify the level of messages to be sent with the logging history command.
- system
Enables SNMP SYSTEMMIB-MIB traps.
- vpls
Enables virtual private LAN service (VPLS) traps.
- vrrp events
Enables Virtual Router Redundancy Protocol (VRRP) traps.
Note To display the trap notifications supported on a platform, use the online help ( ? ) function.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server traps command to enable trap requests for the specified notification types. To configure the router to send SNMP notifications, specify at least one snmp-server traps command. When the command is entered with no keyword, all notification types are enabled. When a notification type keyword is specified, only the notification type related to that keyword is enabled. To enable multiple types of notifications, issue a separate snmp-server traps command for each notification type.
More information about individual MIBs can be found in the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
The snmp-server traps command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Some SNMP trap notifications require additional Task IDs as indicated in the following table:
Notification Type
Task ID
Operations
bfd
bgp
read, write
ospf
read, write
isis
read, write
mpls-te
read, write
snmp
read, write
bgp
bgp
read, write
copy-complete
config-services
read, write
ipsec
crypto
read, write
isakmp
crypto
read, write
l2vpn
l2vpn
read, write
mpls frr
mpls-ldp
read, write
mpls-te
read, write
mpls l3vpn
ipv4
read, write
mpls-ldp
read, write
mpls-te
read, write
mpls ldp
mpls-ldp
read, write
mpls-te
read, write
mpls traffic-eng
mpls-ldp
read, write
mpls-te
read, write
ospf
ospf
read, write
syslog
sysmgr
read, write
vpls
l2vpn
read, write
Examples
This example shows how to enable the router to send all traps to the host specified by the name myhost.cisco.com, using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com publicsnmp-server traps bgp
To enable Border Gateway Protocol (BGP) state-change Simple Network Management Protocol (SNMP) notifications, use the snmp-server traps bgp command in global configuration mode. To disable BGP state-change SNMP notifications, use the no form of this command.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The enable keyword was removed from the command name.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
SNMP notifications can be sent as traps.
Use the snmp-server traps bgp command to enable or disable BGP server state-change notifications, as defined in the BGP4-MIB (enterprise 1.3.6.1.2.1.15.7). The notifications types are:
The BGP notifications are defined in the BGP-4 MIB as follows:
bgpTraps OBJECT IDENTIFIER ::= { bgp 7 } bgpEstablished NOTIFICATION-TYPE OBJECTS { bgpPeerLastError, bgpPeerState } STATUS current DESCRIPTION "The BGP Established event is generated when the BGP FSM enters the ESTABLISHED state." ::= { bgpTraps 1 } bgpBackwardTransition NOTIFICATION-TYPE OBJECTS { bgpPeerLastError, bgpPeerState } STATUS current DESCRIPTION "The BGPBackwardTransition Event is generated when the BGP FSM moves from a higher numbered state to a lower numbered state." ::= {bgpTraps 2}For a complete description of these notifications and additional MIB functions, see the BGP4-MIB in the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
The snmp-server traps bgp command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Examples
The following example shows how to enable the router to send BGP state-change notifications to the host at the address myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps bgp RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicsnmp-server traps mpls l3vpn
To enable the sending of MPLS Layer 3 VPN Simple Network Management Protocol (SNMP) notifications, use the snmp-server traps mpls l3vpn command in global configuration mode. To disable MPLS Layer 3 VPN SNMP notifications, use the no form of this command.
snmp-server traps mpls l3vpn { all | max-threshold-cleared | max-threshold-exceeded | max-threshold-reissue-notif-time seconds | mid-threshold-exceeded | vrf-down | vrf-up }
no snmp-server traps mpls l3vpn
Syntax Description
all
Enables all MPLS Layer 3 VPN traps.
max-threshold-cleared
Enables maximum threshold cleared traps.
max-threshold-exceeded
Enables maximum threshold exceeded traps.
max-threshold-reissue-notif-time seconds
Specifies the time interval for reissuing a maximum threshold notification, in seconds.
mid-threshold-exceeded
Enables mid-threshold exceeded traps.
vrf-down
Enables VRF down traps.
vrf-up
Enables VRF up traps.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
snmp-server traps ospf errors
To enable Open Shortest Path First (OSPF) error Simple Network Management Protocol (SNMP) notifications, use the snmp-server traps ospf errors command in global configuration mode. To disable OSPF error SNMP notifications, use the no form of this command.
snmp-server traps ospf errors { authentication-failure | bad-packet | config-error | virt-authentication-failure | virt-bad-packet | virt-config-error }
no snmp-server traps ospf errors { authentication-failure | bad-packet | config-error | virt-authentication-failure | virt-bad-packet | virt-config-error }
Syntax Description
authentication-failure
Enables SNMP traps for authentication failure errors on physical interfaces.
bad-packet
Enables SNMP traps for bad packet errors on physical interfaces.
config-error
Enables SNMP traps for configuration errors on physical interfaces.
virt-authentication-failure
Enables SNMP traps for authentication failure errors on virtual interfaces.
virt-bad-packet
Enables SNMP traps for bad packet errors on virtual interfaces.
virt-config-error
Enables SNMP traps for configuration errors on virtual interfaces.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
SNMP notifications can be sent as traps.
For a complete description of OSPF error notifications and additional MIB functions, see the OSPF-TRAP-MIB in the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
The snmp-server traps ospf errors command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Examples
This example shows how to enable the router to send OSPF error notifications to the host at the address myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps ospf errors RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicsnmp-server traps ospf lsa
To enable Open Shortest Path First (OSPF) link-state advertisement Simple Network Management Protocol (SNMP) notifications, use the snmp-server traps ospf lsa command in global configuration mode. To disable OSPF link state SNMP notifications, use the no form of this command.
snmp-server traps ospf lsa { lsa-maxage | lsa-originate }
no snmp-server traps ospf lsa { lsa-maxage | lsa-originate }
Syntax Description
lsa-maxage
Enables SNMP traps for link-state advertisement maxage.
lsa-originate
Enables SNMP traps for new link-state advertisement origination.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
SNMP notifications can be sent as traps.
For a complete description of OSPF link-state advertisement notifications and additional MIB functions, see the OSPF-TRAP-MIB in the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
The snmp-server traps ospf lsa command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Examples
This example shows how to enable the router to send OSPF link-state advertisement notifications to the host at the address myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps ospf lsa lsa-maxage RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicsnmp-server traps ospf retransmit
To enable Open Shortest Path First (OSPF) retransmission Simple Network Management Protocol (SNMP) notifications, use the snmp-server traps ospf retransmit command in global configuration mode. To disable OSPF retransmission SNMP notifications, use the no form of this command.
snmp-server traps ospf retransmit { packets | virt-packets }
no snmp-server traps ospf retransmit { packets | virt-packets }
Syntax Description
packets
Enables SNMP traps for packet retransmissions on physical interfaces.
virt-packets
Enables SNMP traps for packet retransmissions on virtual interfaces.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
SNMP notifications can be sent as traps.
For a complete description of OSPF retransmission notifications and additional MIB functions, see the OSPF-TRAP-MIB in the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
The snmp-server traps ospf retransmit command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Examples
This example shows how to enable the router to send OSPF retransmission notifications to the host at the address myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps ospf retransmit packets RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicsnmp-server traps ospf state-change neighbor-state-change
To enable Simple Network Management Protocol (SNMP) notifications for Open Shortest Path First (OSPF) neighbor state change, use the snmp-server traps ospf state-change neighbor-state-change command in global configuration mode. To disable OSPF state-change SNMP notifications, use the no form of this command.
snmp-server traps ospf state-change neighbor-state-change
no snmp-server traps ospf state-change neighbor-state-change
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
SNMP notifications can be sent as traps.
Use the snmp-server traps ospf state-change neighbor-state-change command to enable or disable OSPF server state-change notifications, as defined in the MIB. One notification type is ospfNbrStateChange.
For example, the OSPF ospfNbrStateChange notification is defined in the OSPF MIB as follows:
! ospfNbrStateChange NOTIFICATION-TYPE ! OBJECTS { ! ospfRouterId, -- The originator of the trap ! ospfNbrIpAddr, ! ospfNbrAddressLessIndex, ! ospfNbrRtrId, ! ospfNbrState -- The new state ! } ! STATUS currentFor a complete description of these notifications and additional MIB functions, see the OSPF-TRAP-MIB in the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
The snmp-server traps ospf state-change neighbor-state-change command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Examples
The following example shows how to enable the router to send OSPF state-change notifications to the host at the address myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps ospf state-change neighbor-state-change RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicsnmp-server traps pim interface-state-change
To enable Protocol Independent Multicast (PIM) interface status notification, use the snmp-server traps pim interface-state-change command in global configuration mode. To disable this command so no notification is sent, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Use the snmp-server traps pim interface-state-change command to send notifications when a PIM interface changes status from up to down. When the status is up, the notification signifies the restoration of a PIM interface. When the status is down, the notification signifies the loss of a PIM interface.
PIM notifications are defined in the CISCO-PIM-MIB.my and PIM-MIB.my files that can be accessed from the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
Task ID
Examples
This example shows how to use the snmp-server traps pim interface-state-change command:
RP/0/RP0/CPU0:router(config)# snmp-server traps pim interface-state-change RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicRelated Commands
Command
Description
Specifies the identification number of the local SNMP engine.
Specifies the recipient of an SNMP notification operation.
Enables notifications for monitoring invalid PIM protocol operations.
Enables PIM neighbor status down notifications.
Enables notifications indicating a change in the rendezvous point (RP) mapping information due to either Auto-RP or bootstrap router (BSR) messages.
Enables RFC 1157 SNMP notifications.
Enables SNMP notification for Cisco-syslog-MIB error messages.
snmp-server traps pim invalid-message-received
To enable notifications for monitoring invalid Protocol Independent Multicast (PIM) protocol operations, such as invalid register received and invalid join or prune received, use the snmp-server traps pim invalid-message-received command in global configuration mode. To disable this command so that no notification is sent, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
A router can receive a join or prune message in which the RP specified in the packet is not the RP for the multicast group. Or a router can receive a register message from a multicast group in which it is not the RP.
PIM notifications are defined in the CISCO-PIM-MIB.my and PIM-MIB.my files that can be accessed from the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
Task ID
Examples
The following example shows how to use the snmp-server traps pim invalid-message-received command:
RP/0/RP0/CPU0:router(config)# snmp-server traps pim invalid-message-received RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicRelated Commands
Command
Description
Specifies the identification number of the local SNMP engine.
Specifies the recipient of an SNMP notification operation.
Enables PIM interface status notification.
Enables PIM neighbor status down notifications.
Enables notifications indicating a change in the rendezvous point (RP) mapping information due to either Auto-RP or bootstrap router (BSR) messages.
Enables RFC 1157 SNMP notifications.
Enables SNMP notification for Cisco-syslog-MIB error messages.
snmp-server traps pim neighbor-change
To enable Protocol Independent Multicast (PIM) neighbor status down notifications, use the snmp-server traps pim neighbor-change command in global configuration mode. To disable PIM neighbor down notifications, use the no form of this command.
Command Default
PIM Simple Network Management Protocol (SNMP) notifications are disabled by default.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server traps pim neighbor-change command to send notifications when a PIM neighbor changes status from up to down on an interface. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
PIM notifications are defined in the CISCO-PIM-MIB.my and PIM-MIB.my files that can be accessed from the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
Task ID
Examples
This example shows how to enable the router to send PIM neighbor status down notifications to the host at the address myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps pim neighbor-change RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicRelated Commands
Command
Description
Specifies the identification number of the local SNMP engine.
Specifies the recipient of an SNMP notification operation.
Enables PIM interface status notification.
Enables notifications for monitoring invalid PIM protocol operations.
Enables notifications indicating a change in the rendezvous point (RP) mapping information due to either Auto-RP or bootstrap router (BSR) messages.
Enables RFC 1157 SNMP notifications.
Enables SNMP notifications for Cisco-syslog-MIB error messages.
snmp-server traps pim rp-mapping-change
To enable notifications indicating a change in the rendezvous point (RP) mapping information due to either Auto-RP or bootstrap router (BSR) messages, use the snmp-server traps pim rp-mapping-change command in global configuration mode. To disable this command so no notification is sent, use the no form of this command.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
PIM notifications are defined in the CISCO-PIM-MIB.my and PIM-MIB.my files that can be accessed from the SNMP Object Navigator, available through cisco.com at http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2.
Task ID
Examples
This example shows how to use the snmp-server traps pim rp-mapping-change command:
RP/0/RP0/CPU0:router(config)# snmp-server traps pim rp-mapping-change RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicRelated Commands
Command
Description
Specifies the identification number of the local SNMP engine.
Specifies the recipient of an SNMP notification operation.
Enables PIM interface status notification.
Enables notifications for monitoring invalid PIM protocol operations.
Enables PIM neighbor status down notifications.
Enables RFC 1157 SNMP notifications.
Enables SNMP notification for Cisco-syslog-MIB error messages.
snmp-server traps rsvp
To enable the sending of Resource Reservation Protocol (RSVP) notifications, use the snmp-server traps rsvp command in global configuration mode. To disable RSVP notifications, use the no form of this command.
Syntax Description
all Enables the sending of both new flow lost flow traps.
lost-flow Enables the sending of traps when a flow is deleted.
new-flow Enables the sending of traps when a flow is created.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Task ID
snmp-server traps snmp
To enable the sending of RFC 1157 Simple Network Management Protocol (SNMP) notifications, use the snmp-server traps snmp command in global configuration mode. To disable RFC 1157 SNMP notifications, use the no form of this command.
snmp-server traps snmp [ authentication | coldstart | linkdown | linkup | warmstart ]
no snmp-server traps snmp [ authentication | coldstart | linkdown | linkup | warmstart ]
Syntax Description
authentication
(Optional) Controls the sending of SNMP authentication failure notifications.
linkup (Optional) Controls the sending of SNMP linkUp notifications
linkdown (Optional) Controls the sending of SNMP linkDown notifications
coldstart (Optional) Controls the sending of SNMP coldStart notifications.
warmstart (Optional) Controls the sending of SNMP warmStart notifications.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The enable keyword was removed from the command name.
Release 3.9.0
The authentication, linkup, linkdown, coldstart, and warmstart keywords were added.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp-server traps snmp command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
The optional authentication keyword controls the sending of SNMP authentication failure notifications. In order to send notifications, you must configure at least one snmp-server host command. An authentication Failure (4) trap signifies that the sending device is the addressee of a protocol message that is not properly authenticated. The authentication method depends on the version of SNMP being used. For SNMPv1 or SNMPv2c, authentication failure occurs for packets with an incorrect community string. For SNMPv3, authentication failure occurs for packets with an incorrect Secure Hash Algorithm (SHA) or Message Digest 5 (MD5) authentication key or for a packet that is outside the window of the authoritative SNMP engine.
The optional linkup keyword controls the sending of SNMP linkUp notifications. The linkUp(3) trap signifies that the sending device recognizes one of the communication links represented in the agent's configuration coming up.
The optional linkdown keyword controls the sending of SNMP linkDown notifications. The linkDown(2) trap signifies that the sending device recognizes a failure in one of the communication links represented in the agent's configuration.
The snmp-server traps snmp command with the linkup or linkdown keywords globally enables or disables SNMP linkUp and linkDown traps. After enabling either of these traps globally, you can enable or disable these traps on specific interfaces using the no notification linkupdown disable command in interface configuration mode. According to RFC 2863, linkUp and linkDown traps are enabled for interfaces that do not operate on top of any other interface (as defined in the ifStackTable), and are disabled otherwise. This means that you do not have to enable linkUp and linkdown notifications on such interfaces. However, linkUp and linkDown notifications will not be sent unless you enable them globally using the snmp-server traps snmp command.
The optional coldstart keyword controls the sending of SNMP coldStart notifications. The coldStart(0) trap signifies that the sending device is reinitializing itself such that the agent's configuration or the protocol entity implementation may be altered.
The optional warmstart keyword controls the sending of SNMP coldStart notifications. The warmStart(1) trap signifies that the sending device is reinitializing itself such that neither the agent configuration nor the protocol entity implementation is altered.
Task ID
Examples
This example shows how to enable the device to send all traps to the host myhost.cisco.com using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps snmp RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com public snmpThe following example shows how to enable only linkUp and linkDown traps:
RP/0/RP0/CPU0:router(config)# snmp-server traps snmp linkup RP/0/RP0/CPU0:router(config)# snmp-server traps snmp linkdownsnmp-server traps syslog
To enable Simple Network Management Protocol (SNMP) notifications of Cisco-syslog-MIB error messages, use the snmp-server traps syslog command in global configuration mode. To disable these types of notifications, use the no form of this command.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The enable keyword was removed from the command name.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp-server traps syslog command is used with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications.
Task ID
Examples
The following example shows how to enable Cisco-syslog-MIB error message notifications to the host at the address myhost.cisco.com, using the community string defined as public:
RP/0/RP0/CPU0:router(config)# snmp-server traps syslog RP/0/RP0/CPU0:router(config)# snmp-server host myhost.cisco.com version 2c publicsnmp-server trap-source
To specify the interface (and hence the corresponding IP address) from which a Simple Network Management Protocol (SNMP) trap should originate, use the snmp-server trap-source command in global configuration mode. To remove the source designation, use the no form of this command.
Syntax Description
type
Interface type. For more information, use the question mark (?) online help function.
interface-path-id
Physical interface or virtual interface.
Note Use the show interfaces command to see a list of all interfaces currently configured on the router.
For more information about the syntax for the router, use the question mark (?) online help function.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
When an SNMP trap is sent from a Cisco SNMP device, it has a notification address of the interface it happened to exit at that time. Use the snmp-server trap-source command to monitor notifications from a particular interface.
NoteIn references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RP0 or RP1) and the module is CPU0. Example: interface MgmtEth0/RP1/CPU0/0.
Task ID
Examples
The following example shows how to specify that the IP address for Packet-over-SONET/SDH (POS) interface 0/0/1/0 is the source for all SNMP notifications:
RP/0/RP0/CPU0:router(config)# snmp-server trap-source POS 0/0/1/0Related Commands
snmp-server trap-timeout
To define how often to try resending trap messages on the retransmission queue, use the snmp-server trap-timeout command in global configuration mode. To restore the default value, use the no form of this command.
Syntax Description
seconds
Integer that sets the interval for resending the messages, in seconds). Value can be from 1 to 1000.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Before Cisco IOS XR software tries to send a trap, it looks for a route to the destination address. If there is no known route, the trap is saved in a retransmission queue. Use the snmp-server trap-timeout command to determine the number of seconds between retransmission attempts.
Task ID
Examples
The following example shows how to set an interval of 20 seconds to try resending trap messages on the retransmission queue:
RP/0/RP0/CPU0:router(config)# snmp-server trap-timeout 20Related Commands
snmp-server user
To configure a new user to a Simple Network Management Protocol (SNMP) group, use the snmp-server user command in global configuration mode. To remove a user from an SNMP group, use the no form of this command.
snmp-server user username groupname { v1 | v2c | v3 [ auth { md5 | sha } { clear | encrypted } auth-password [ priv { 3des | aes aes-bit-encryption | des56 } { clear | encrypted } priv-password ] ] } [ SDROwner | SystemOwner ] [access-list-name]
no snmp-server user username groupname
Syntax Description
username
Name of the user on the host that connects to the agent.
groupname
Name of the group to which the user belongs.
v1
Specifies that the SNMPv1 security model should be used.
v2c
Specifies that the SNMPv2c security model should be used.
v3
Specifies that the SNMPv3 security model should be used.
auth
(Optional) Specifies which authentication level should be used. If this keyword is used, you must specify an authentication level and an authorization password. md5
Specifies the HMAC-MD5-96 authentication level. sha
Specifies the HMAC-SHA-96 authentication level. clear
Specifies that an unencrypted password follows. encrypted
Specifies that an encrypted password follows. auth-password
Authentication password, which is a string (not to exceed 64 characters) that enables the agent to receive packets from the host.
priv
(Optional) Specifies that encryption parameters follow.
3des
Specifies the 168-bit Triple Data Encryption Standard (3DES) level of encryption for the user.
aes aes-bit-encryption
Specifies the Advanced Encryption Standard (AES) level of encryption for the user. Supported options are 128, 192 and 256 bit encryption.
des56
Specifies the 56-bit Data Encryption Standard (DES) level of encryption for the user.
priv-password
Privacy password, which can be clear or encrypted text, according to what is specified.
SDROwner
(Optional) Limits access to the agents for the owner secure domain router (SDR) only.
SystemOwner
(Optional) Provides system-wide access to the agents for all SDRs.
access-list-name
(Optional) Access list to be associated with this SNMP user. The access-list-name argument represents a value from 1 to 99, that is, the identifier of the standard IP access list.
Command History
Release
Modification
Release 2.0
This command was introduced.
Release 3.2
The access keyword was removed.
The 0 and 7 keywords were replaced by the clear and encrypted keywords, respectively.
Release 3.3.0
Optional keywords LROwner and SystemOwner were added.
Release 3.6.0
The LROwner keyword was changed to the SDROwner keyword.
Release 3.9.0
AES and 3DES encryption formats were supported.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
To use 3DES and AES encryption standards, you must have installed the security package (k9sec). For information on installing software packages, see Upgrading and Managing Cisco IOS XR Software in Cisco IOS XR System Management Configuration Guide for the Cisco CRS Router.
SDR and System-wide Access
When the snmp-server user command is entered with the SDROwner keyword, SNMP access is granted only to the MIB object instances in the owner SDR.
When the snmp-server user command is entered with the SystemOwner keyword, SNMP access is granted to all SDRs in the system .
Note
In a non-owner SDR, user access is provided only to the object instances in that SDR, regardless of the access privilege assigned. Access to the owner SDR and system-wide access privileges are available only from the owner SDR.
Task ID
Examples
The following example shows how to enter a plain-text password for the string abcd for user2 in group2:
RP/0/RP0/CPU0:router(config)# snmp-server user user2 group2 v3 auth md5 clear abcdTo learn if this user has been added to the configuration, use the show snmp user command.
If the localized Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) digest is known, specify that string instead of the plain-text password. The digest should be formatted as AA:BB:CC:DD where AA, BB, CC, and DD are hexadecimal values. The digest should also be exactly 16 octets long.
This example shows how to specify the command with a digest name of 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:
RP/0/RP0/CPU0:router(config)# snmp-server user user2 group2 v3 auth md5 encrypted 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FFsnmp-server view
To create or update a Simple Network Management Protocol (SNMP) view entry, use the snmp-server view command in global configuration mode. To remove the specified server view entry, use the no form of this command.
snmp-server view view-name oid-tree { excluded | included }
no snmp-server view view-name oid-tree { excluded | included }
Syntax Description
view-name
Label for the view record being updated or created. The name is used to reference the record.
oid-tree
Object identifier (OID) of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system. Replace a single subidentifier with the asterisk (*) wildcard to specify a subtree family; for example 1.3.*.4.
excluded
Excludes the MIB family from the view.
included
Includes the MIB family in the view.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Other SNMP commands require a view as a keyword. Use the snmp-server view command to create a view to be used as keywords for other commands that create records including a view.
Instead of defining a view explicitly, you can rely on the following predefined views, which are supported by the SNMP agent:
- all
Predefined view indicating that a user can see all objects.
- CfgProt
Predefined view indicating that a user can see all objects except the SNMPv3 configuration tables.
- vacmViewTreeFamilyEntry
Predefined view indicating that a user can see the default configuration of vacmViewTreeFamilyEntry.
The predefined views supported on Cisco IOS XR software, however, do not match the predefined views specified in RFC 3415.
Task ID
Examples
This example creates a view that includes all objects in the MIB-II subtree:
RP/0/RP0/CPU0:router(config)# snmp-server view mib2 1.3.6.1.2.1 includedThis example shows how to create a view that includes all objects in the MIB-II system group and all objects in the Cisco enterprise MIB:
RP/0/RP0/CPU0:router(config)# snmp-server view view1 1.3.6.1.2.1.1 included RP/0/RP0/CPU0:router(config)# snmp-server view view1 1.3.6.1.4.1.9 includedThis example shows how to create a view that includes all objects in the MIB-II system group except for sysServices (System 7) and all objects for interface 1 in the MIB-II interfaces group:
RP/0/RP0/CPU0:router(config)# snmp-server view view1 1.3.6.1.2.1.1 included RP/0/RP0/CPU0:router(config)# snmp-server view view1 1.3.6.1.2.1.1.7 excluded RP/0/RP0/CPU0:router(config)# snmp-server view view1 1.3.6.1.2.1.2.2.1.*.1 includedsnmp-server vrf
To configure the VPN routing and forwarding (VRF) properties of Simple Network Management Protocol (SNMP), use the snmp-server vrf command in global configuration mode. To remove the configuration, use the no form of this command.
snmp-server vrf vrf-name [ host address [ clear | encrypted ] [traps] [ version { 1 | 2c | 3 security-level } ] community-string [ udp-port port ] ] [ context context-name ]
no snmp-server vrf vrf-name
Syntax Description
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Use this command to enter SNMP VRF configuration mode and configure an SNMP notification recipient on a VRF. You can also map a VRF to an SNMP context.
SNMP notification recipient that is reachable by way of a VRF can be configured. Notification is forwarded to the recipient represented by its address using the routing table instance identified by the VRF name.
The address argument can be either a host name or an IP address.
Use the clear keyword to specify that the clear text community string you enter is displayed encrypted in the show running command output. To enter an encrypted string, use the encrypted keyword. To enter a clear text community string that is not encrypted by the system, use neither of these keywords.
An SNMP context identified by the value of the context-name argument can be mapped to a VRF in this mode. This context must be created using snmp-server context command.
Task ID
Examples
This example shows how to configure a host IP address for a VRF name:
RP/0/RP0/CPU0:router(config)# snmp-server vrf vrfa RP/0/RP0/CPU0:router(config-snmp-vrf)# host 12.21.0.1 traps version 2c public udp-port 2525snmp test trap all
To send a Simple Network Management Protocol (SNMP) trap message to the trap receivers for all supported traps, use the snmp test trap all command in EXEC mode.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
To use the snmp test trap command, SNMP must be configured on the router. This command is not intended for testing scalability, performance, or high availability scenarios.
Use the snmp test trap all command to generate test traps for all supported traps. The following traps are supported:
- coldStart—SNMP agent Initializing and its configuration may have changed.
- warmStart—SNMP agent Initializing and its configuration is unaltered.
- linkUp—Interface ifOperStatus is Up.
- linkDown—Interface ifOperStatus is Down.
- clogMessage Generated—Syslog message generated.
- ciscoFlashDeviceInsertedNotif—Flash device inserted.
- ciscoFlashDeviceRemovedNotif—Flash device removed.
- ciscoRFProgressionNotif—RF state change.
- ciscoRFSwactNotif—Switchover.
- ciscoConfigManEvent—Command-line interface (CLI) configuration management event.
- newRoot—SNMP agent is a new root of the spanning tree.
- topologyChange—Bridge port has transitioned to the Forwarding state.
- cefcFanTrayOperStatus—Fan tray cefcFanTrayOperStatus is Up.
- cefcModuleStatusChange—Module cefcModuleOperStatus is OK (module up) or module cefcModuleOperStatus is Failed (module down).
- entSensorThresholdNotification—entSensorValue crossed the entSensorthresholdValue.
- cefcPowerStatusChange—Redundant PowerSupply fails.
Task ID
Examples
Example
This example illustrates how to use the snmp test trap all command:
RP/0/RP0/CPU0:router# snmp test trap allsnmp test trap entity
To send a test SNMP Entity trap message to the trap receivers, use the snmp test trap entity command in EXEC mode.
snmp test trap entity { fru { power status-change failed | module status-change { up | down } | fan-tray oper-status up } | sensor threshold-notification } [ entity-index index ]
Syntax Description
fru
Sends a field replacement unit trap.
power status-change failed
Sends a cefcPowerStatusChange trap for the CISCO-ENTITY-FRU-CONTROL-MIB.
module status-change{up | down}
Sends a cefcModuleStatusChange trap for the CISCO-ENTITY-FRU-CONTROL-MIB.
fan-tray oper-status up
Sends a cefcFanTrayOperStatus trap for the CISCO-ENTITY-FRU-CONTROL-MIB.
sensor
Sends a sensor trap.
threshold-notification
Sends a entSensorThresholdNotification trap for the CISCO-ENTITY-SENSOR-MIB.
entity-index index
Specifies the physical index for which to generate the trap.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp test trap entity command tests the sending of Entity MIB traps. It is not intended for testing scalability, performance, or high availability scenarios. To use the snmp test trap command, SNMP must be configured on the router.
Task ID
Examples
Example
This example illustrates how to use the snmp test trap entity command:
RP/0/RP0/CPU0:router# snmp test trap entity sensor threshold indexsnmp test trap infra
To send a test Simple Network Management Protocol (SNMP) Infra trap message to the trap receivers, use the snmp test trap infra command in EXEC mode.
snmp test trap infra { bridge { new-root | topology-change } | config event | flash { device-inserted | device-removed } | redundancy { progression | switch } | syslog message-generated }
Syntax Description
bridge
Sends a bridge trap.
new-root
Sends a newRoot trap for the BRIDGE-MIB.
topology-change
Sends a topologyChange trap for the BRIDGE-PORT.
config event
Sends a ciscoConfigManEvent trap for the CISCO-CONFIG-MAN-MIB.
flash
Sends a flash trap.
device-inserted
Sends a ciscoFlashDeviceInsertedNotif trap for the CISCO-FLASH-MIB.
device-removed
Sends a ciscoFlashDeviceRemovedNotif trap for the CISCO-FLASH-MIB.
redundancy
Sends an RF trap.
progression
Sends a ciscoRFProgressionNotif trap for the CISCO-RF-MIB.
switch
Sends a ciscoRFSwactNotif trap for the CISCO-RF-MIB.
syslog message-generated
Sends a clogMessageGenerated for the CISCO-SYSLOG-MIB.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp test trap infra command tests the sending of Infra MIB traps. It is not intended for testing scalability, performance, or high availability scenarios. To use this command, SNMP must be configured on the router.
Task ID
snmp test trap interface
To send a test Simple Network Management Protocol (SNMP) interface trap message to the trap receivers, use the snmp test trap interface command in EXEC mode.
Syntax Description
link-down
Sends a linkDown trap for the IF-MIB.
link-up
Sends a linkUp trap for the IF-MIB.
ifindex index
Specifies the interface index for which to send the IF-MIB trap.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp test trap interface command tests the sending of IF-MIB traps. It is not intended for testing scalability, performance, or high availability scenarios. To use this command, SNMP must be configured on the router.
Task ID
snmp test trap snmp
To send a test Simple Network Management Protocol (SNMP) trap message to the trap receivers, use the snmp test trap snmp command in EXEC mode.
Syntax Description
cold-start Sends a coldStart trap for the SNMPv2-MIB.
warm-start Sends a warmStart trap for the SNMPv2-MIB.
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
The snmp test trap snmp command tests the sending of MIB traps. It is not intended for testing scalability, performance, or high availability scenarios. To use this command, SNMP must be configured on the router.
Task ID
