This chapter contains the following sections:
Information About SNMP
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
The SNMP framework
consists of three parts:
manager—The system used to control and monitor the activities of network
devices using SNMP.
An SNMP agent—The
software component within the managed device that maintains the data for the
device and reports these data, as needed, to manage systems. The
VSG supports the agent and MIB. To enable the SNMP agent, you must
define the relationship between the manager and the agent.
information base (MIB)—The collection of managed objects on the SNMP agent.
SNMP is defined in
RFCs 3411 to 3418.
access control (RBAC) is not supported. Both SNMPv1 and SNMPv2 use a
community-based form of security.
A key feature of SNMP
is the ability to generate notifications from an SNMP agent. These
notifications do not require that requests be sent from the SNMP manager.
Notifications can indicate improper user authentication, restarts, the closing
of a connection, loss of a connection to a neighbor router, or other
SNMP notifications are
generated as either traps or informs. A trap is an asynchronous, unacknowledged
message sent from the agent to the SNMP managers listed in the host receiver
table. Informs are asynchronous messages sent from the SNMP agent to the SNMP
manager which the manager must acknowledge receipt of.
Traps are less
reliable than informs because the SNMP manager does not send any acknowledgment
when it receives a trap. The Cisco Virtual Security Gateway (VSG) cannot
determine if the trap was received. An SNMP manager that receives an inform
request acknowledges the message with an SNMP response protocol data unit
(PDU). If the Cisco VSG Firewall never receives a response, it can send the
inform request again. You can configure the Cisco VSG Firewall to send
notifications to multiple host receivers.
Stateless restarts for SNMP are supported. After a reboot or supervisor switchover, the running configuration command is applied.
Guidelines and Limitations
SNMP has the following configuration guidelines and limitations:
Read-only access to some SNMP MIBs is supported. See the Cisco NX-OS MIB support list at the following URL for more information: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
SNMP role-based access control (RBAC) is not supported.
The SNMP set command is supported by the following Cisco MIBs:
configuration, see the
Network Services Controller GUI Configuration Guide.
Verifying the SNMP
To display the SNMP
configuration, use one of the following commands:
Table 1 SNMP Configuration
running-config snmp [all]
||Displays the SNMP running configuration.
||Displays the SNMP status.
|show snmp community
||Displays the SNMP community strings.
|show snmp context
||Displays the SNMP context mapping.
|show snmp engineID
||Displays the SNMP engine ID.
|show snmp group
||Displays SNMP roles.
|show snmp session
||Displays SNMP sessions.
|show snmp trap
||Displays the SNMP enabled or disabled notifications.
|show snmp user
||Displays SNMP users.
|Complete command syntax, command modes, command history, defaults, usage guidelines, and examples
Cisco Virtual Security Gateway for VMware vSphere Command
|No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
Feature History for SNMP
Table 3 Feature History for SNMP
This feature was introduced.