SNMP Manager

The Simple Network Management Protocol (SNMP) Manager feature allows a device to serve as an SNMP manager. As an SNMP manager, the device can send SNMP requests to agents and receive SNMP responses and notifications from agents. When the SNMP manager process is enabled, the device can query other SNMP agents and process incoming SNMP traps.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information about SNMP Manager

Overview

The SNMP manager is a system that controls and monitors the activities of network hosts using SNMP. The most common managing system is a network management system (NMS). The term NMS can be applied either to a dedicated device used for network management or to the applications used on such a device. Several network management applications are available for use with SNMP and range from simple command-line applications to applications that use GUIs, such as the CiscoWorks2000 products.

The SNMP manager feature allows a device to act as a network management station--an SNMP client. As an SNMP manager, the device can send SNMP requests to agents and receive SNMP responses and notifications from agents. When the SNMP manager process is enabled, the device can query other SNMP agents and process incoming SNMP traps.

Most network security policies assume that devices will accept SNMP requests, send SNMP responses, and send SNMP notifications.

With the SNMP manager functionality enabled, the device may also send SNMP requests, receive SNMP responses, and receive SNMP notifications. Your security policy implementation may need to be updated prior to enabling this feature.

SNMP requests typically are sent to UDP port 161. SNMP responses are typically sent from UDP port 161. SNMP notifications are typically sent to UDP port 162.

Sessions are created when the SNMP manager in the device sends SNMP requests, such as informs, to a host or receives SNMP notifications from a host. One session is created for each destination host. If there is no further communication between the device and host within the session timeout period, the session will be deleted.

The device tracks statistics, such as the average round-trip time required to reach the host, for each session. Using the statistics for a session, the SNMP manager in the device can set reasonable timeout periods for future requests, such as informs, for that host. If the session is deleted, all statistics are lost. If another session with the same host is later created, the request timeout value for replies will return to the default value.

Sessions consume memory. A reasonable session timeout value should be large enough that regularly used sessions are not prematurely deleted, yet small enough such that irregularly used or one-time sessions are purged expeditiously.

Security Considerations

Most network security policies assume that the devices will be accepting SNMP requests, sending SNMP responses, and sending SNMP notifications.

With the SNMP manager functionality enabled, the device may also be sending SNMP requests, receiving SNMP responses, and receiving SNMP notifications. Your security policy implementation may need to be updated prior to enabling this feature.

SNMP requests are typically sent to UDP port 161. SNMP responses are typically sent from UDP port 161. SNMP notifications are typically sent to UDP port 162.

How to Configure SNMP Manager

Configuring a Device as an SNMP Manager

Perform this task to enable the SNMP manager process and to set the session timeout value.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    snmp-server manager

    4.    snmp-server manager session-timeout seconds

    5.    end

    6.    show snmp

    7.    show snmp sessions brief

    8.    show snmp pending


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 snmp-server manager


    Example:
    Device(config)# snmp-server manager
     

    Enables the SNMP manager.

     
    Step 4 snmp-server manager session-timeout seconds


    Example:
    Device(config)# snmp-server manager session-timeout 30
     

    (Optional) Changes the session timeout value.

     
    Step 5 end


    Example:
    Device(config)# end
     

    Exits global configuration mode.

     
    Step 6 show snmp


    Example:
    Device# show snmp
     

    (Optional) Displays the status of SNMP communications.

     
    Step 7 show snmp sessions brief


    Example:
    Device# show snmp sessions
     

    (Optional) Displays the status of SNMP sessions.

     
    Step 8 show snmp pending


    Example:
    Device# show snmp pending
     

    (Optional) Displays the current set of pending SNMP requests.

     

    Examples

    The following example shows the status of SNMP communications: 

    Device# show snmp

Chassis: 01506199
37 SNMP packets input
    0 Bad SNMP version errors
    4 Unknown community name
    0 Illegal operation for community name supplied
    0 Encoding errors
    24 Number of requested variables
    0 Number of altered variables
    0 Get-request PDUs
    28 Get-next PDUs
    0 Set-request PDUs
78 SNMP packets output
    0 Too big errors (Maximum packet size 1500)
    0 No such name errors
    0 Bad values errors
    0 General errors
    24 Response PDUs
    13 Trap PDUs
SNMP logging: enabled
    Logging to 172.17.58.33.162, 0/10, 13 sent, 0 dropped.
SNMP Manager-role output packets
    4 Get-request PDUs
    4 Get-next PDUs
    6 Get-bulk PDUs
    4 Set-request PDUs
    23 Inform-request PDUs
    30 Timeouts
    0 Drops
SNMP Manager-role input packets
    0 Inform response PDUs
    2 Trap PDUs
    7 Response PDUs
    1 Responses with errors
SNMP informs: enabled
    Informs in flight 0/25 (current/max)
    Logging to 172.17.217.141.162
        4 sent, 0 in-flight, 1 retries, 0 failed, 0 dropped
    Logging to 172.17.58.33.162
        0 sent, 0 in-flight, 0 retries, 0 failed, 0 dropped

    The following example displays the status of SNMP sessions: 

    Device# show snmp sessions

Destination: 172.17.58.33.162, V2C community: public
  Round-trip-times: 0/0/0 (min/max/last)
  packets output
    0 Gets, 0 GetNexts, 0 GetBulks, 0 Sets, 4 Informs
    0 Timeouts, 0 Drops
  packets input
    0 Traps, 0 Informs, 0 Responses (0 errors)
Destination: 172.17.217.141.162, V2C community: public, Expires in 575 secs
  Round-trip-times: 1/1/1 (min/max/last)
  packets output
    0 Gets, 0 GetNexts, 0 GetBulks, 0 Sets, 4 Informs
    0 Timeouts, 0 Drops
 packets input
    0 Traps, 0 Informs, 4 Responses (0 errors)

    The following example shows the current set of pending SNMP requests: 

    Device# show snmp pending

req id: 47, dest: 172.17.58.33.161, V2C community: public, Expires in 5 secs
req id: 49, dest: 172.17.58.33.161, V2C community: public, Expires in 6 secs
req id: 51, dest: 172.17.58.33.161, V2C community: public, Expires in 6 secs
req id: 53, dest: 172.17.58.33.161, V2C community: public, Expires in 8 secs

    Additional References

    Related Documents

    Related Topic

    Document Title

    Cisco IOS commands

    Cisco IOS Master Command List, All Releases

    SNMP commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

    Cisco IOS SNMP Command Reference

    Cisco implementation of RFC 1724, RIP Version 2 MIB Extensions

    RIPv2 Monitoring with SNMP Using the RFC 1724 MIB Extensions feature module

    DSP Operational State Notifications for notifications to be generated when a digital signaling processor (DSP) is used

    DSP Operational State Notifications feature module

    Standards and RFCs

    Standard/RFC

    Title

    CBC-DES (DES-56) standard

    Symmetric Encryption Protocol

    STD: 58

    Structure of Management Information Version 2 (SMIv2)

    RFC 1067

    A Simple Network Management Protocol

    RFC 1091

    Telnet terminal-type option

    RFC 1098

    Simple Network Management Protocol (SNMP)

    RFC 1157

    Simple Network Management Protocol (SNMP)

    RFC 1213

    Management Information Base for Network Management of TCP/IP-based internets:MIB-II

    RFC 1215

    Convention for defining traps for use with the SNMP

    RFC 1901

    Introduction to Community-based SNMPv2

    RFC 1905

    Common Management Information Services and Protocol over TCP/IP (CMOT)

    RFC 1906

    Telnet X Display Location Option

    RFC 1908

    Simple Network Management Protocol (SNMP)

    RFC 2104

    HMAC: Keyed-Hashing for Message Authentication

    RFC 2206

    RSVP Management Information Base using SMIv2

    RFC 2213

    Integrated Services Management Information Base using SMIv2

    RFC 2214

    Integrated Services Management Information Base Guaranteed Service Extensions using SMIv2

    RFC 2271

    An Architecture for Describing SNMP Management Frameworks

    RFC 2570

    Introduction to Version 3 of the Internet-standard Network Management Framework

    RFC 2578

    Structure of Management Information Version 2 (SMIv2)

    RFC 2579

    Textual Conventions for SMIv2

    RFC 2580

    Conformance Statements for SMIv2

    RFC 2981

    Event MIB

    RFC 2982

    Distributed Management Expression MIB

    RFC 3413

    SNMPv3 Applications

    RFC 3415

    View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)

    RFC 3418

    Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)

    MIBs

    MIB

    MIBs Link

    • Circuit Interface Identification MIB

    • Cisco SNMPv2

    • Ethernet-like Interfaces MIB

    • Event MIB

    • Expression MIB Support for Delta, Wildcarding, and Aggregation

    • Interfaces Group MIB (IF-MIB)

    • Interfaces Group MIB Enhancements

    • MIB Enhancements for Universal Gateways and Access Servers

    • MSDP MIB

    • NTP MIB

    • Response Time Monitor MIB

    • Virtual Switch MIB

    To locate and download MIBs for selected platforms, releases, and feature sets, use Cisco MIB Locator found at the following URL:

    http:/​/​www.cisco.com/​go/​mibs

    Technical Assistance

    Description

    Link

    The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

    http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

    Feature Information for SNMP Manager

    The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to . An account on Cisco.com is not required.
    Table 1 Feature Information for SNMP Manager

    Feature Name

    Releases

    Feature Information

    SNMP Manager

    11.3(1)

    11.3(1)T

    12.0(1)

    15.0(1)S

    The SNMP Manager feature adds a system that controls and monitors the activities of network hosts using SNMP. The most common managing system is an NMS.