Configuring SNMP
This chapter contains the following sections:
- Information About SNMP
- Guidelines and Limitations
- Configuring SNMP
- Verifying the SNMP Configuration
- Standards
- MIBs
Information About SNMP
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
SNMP Functional Overview
The SNMP framework consists of three parts:
-
An SNMP manager—The system used to control and monitor the activities of network devices using SNMP.
-
An SNMP agent—The software component within the managed device that maintains the data for the device and reports these data, as needed, to manage systems. Cisco VSG supports the agent and MIB. To enable the SNMP agent, you must define the relationship between the manager and the agent.
-
A managed information base (MIB)—The collection of managed objects on the SNMP agent.
-
SNMP is defined in RFCs 3411 to 3418.
Note | SNMP role-based access control (RBAC) is not supported. Both SNMPv1 and SNMPv2c use a community-based form of security. |
SNMP Notifications
A key feature of SNMP is the ability to generate notifications from an SNMP agent. These notifications do not require that requests be sent from the SNMP manager. Notifications can indicate improper user authentication, restarts, the closing of a connection, loss of a connection to a neighbor router, or other significant events.
SNMP notifications are generated as either traps or informs. A trap is an asynchronous, unacknowledged message sent from the agent to the SNMP managers listed in the host receiver table. Informs are asynchronous messages sent from the SNMP agent to the SNMP manager which the manager must acknowledge receipt of.
Traps are less reliable than informs because the SNMP manager does not send any acknowledgment when it receives a trap. The Intercloud Fabric Firewall (VSG) cannot determine if the trap was received. An SNMP manager that receives an inform request acknowledges the message with an SNMP response protocol data unit (PDU). If the ICF Firewall never receives a response, it can send the inform request again. You can configure the ICF FIrewall to send notifications to multiple host receivers.
High Availability
Stateless restarts for SNMP are supported. After a reboot or supervisor switchover, the running configuration command is applied.
Guidelines and Limitations
SNMP has the following configuration guidelines and limitations:
Read-only access to some SNMP MIBs is supported. See the Cisco NX-OS MIB support list at the following URL for more information: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
SNMP role-based access control (RBAC) is not supported.
The SNMP set command is supported by the following Cisco MIBs:
Configuring SNMP
For SNMP configuration, see the Cisco Prime Network Services Controller GUI Configuration Guide.
Verifying the SNMP Configuration
To display the SNMP configuration, use one of the following commands:
Command | Purpose |
---|---|
show running-config snmp [all] | Displays the SNMP running configuration. |
show snmp | Displays the SNMP status. |
show snmp community | Displays the SNMP community strings. |
show snmp context | Displays the SNMP context mapping. |
show snmp engineID | Displays the SNMP engine ID. |
show snmp group | Displays SNMP roles. |
show snmp session | Displays SNMP sessions. |
show snmp trap | Displays the SNMP enabled or disabled notifications. |
show snmp user | Displays SNMP users. |
Standards
Standards | Title |
---|---|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. | — |
MIBs
MIBs | MIBs Link |
---|---|
|
To locate and download MIBs, go to the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml |