Configuring Basic SNMPv2c Functions
Context
For the configuration of basic SNMP functions, 1, 3, 4, and 5 are mandatory steps. After the configuration is complete, basic SNMP communication can be established between the NMS and managed device.
The traps sent by the managed device do not need to be acknowledged by the NMS.
The informs sent by the managed device need to be acknowledged by the NMS. If no acknowledgement message from the NMS is received within a specified time period, the managed device resends the inform until the number of retransmissions reaches the maximum.
When the managed device sends an inform, it records the inform in the log. If the NMS and link between the NMS and managed device recovers from a fault, the NMS can still learn the inform sent during the fault occurrence and rectification.
Procedure
- Run:
system-view
The system view is displayed.
- (Optional) Run:
snmp-agent
The SNMP agent function is enabled.
By default, the SNMP agent function is disabled. Executing the snmp-agent command can enable the SNMP agent function no matter whether parameters are specified in the command.
- Run:
snmp-agent sys-info version v2c
The SNMP version is set to SNMPv2c.
By default, SNMPv3 is enabled.
After SNMPv2c is enabled, the managed devices support SNMPv2c and SNMPv3 and can be monitored and managed by both SNMPv2c and SNMPv3 NMSs.
- Run:
snmp-agent community { read | write } { community-name | cipher community-name }
The community name is configured for the device.
The community name will be saved in encrypted format in the configuration file.
The Switch has the following requirements for community name complexity:
The default minimum length of a community name is six characters. The set password min-length command determines the minimum length of a community name.
A community name includes at least two kinds of characters, which can be uppercase letters, lowercase letters, digits, and special characters except question marks (?) and spaces.
After the read-and-write community name is set, the NMS with this name has the right of the ViewDefault view (OID: 1.3.6.1). To change the access right of the NMS, see (Optional) Restricting Management Rights of the NMS.Ensure that the community name of the NMS is the same as that set on the agent. If the NMS and the agent have different community names, the NMS cannot access the agent.
- Choose one of the following commands as needed to configure the device to send either traps or informs to the NMS.
Before configuring a device to send traps, confirm that the information center has been enabled. If the information center is not enabled, run the info-center enable command to enable it.
To configure a destination IP address for the traps and error codes sent from the device, run:
snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number ] [ source interface-type interface-number ] [ public-net | vpn-instance vpn-instance-name ] params securityname { security-name | cipher security-name } v2c [ ext-vb ]
To configure a destination IP address for the informs and error codes sent from the device, run:
snmp-agent target-host inform address udp-domain ip-address [ udp-port port-number ] [ source interface-type interface-number ] [ vpn-instance vpn-instance-name ] params securityname { security-name | cipher security-name } v2c [ ext-vb ]
Note the following when running the command:The default destination UDP port number is 162. To ensure secure communication between the NMS and managed devices, run the udp-port command to change the UDP port number to a non-well-known port number.
The parameter securityname identifies devices that send traps on the NMS.
If trap messages sent from the managed device to the NMS need to be transmitted over a public network, the parameter public-net needs to be configured. If trap messages sent from the managed device to the NMS need to be transmitted over a private network, the parameter vpn-instance vpn-instance-name needs to be configured to specify a VPN that will take over the transmission task.
- (Optional) Run:
snmp-agent sys-info { contact contact | location location }
The equipment administrators contact information or location is configured.
By default, the vendor's contact information is "R&D Beijing, Huawei Technologies co.,Ltd.". The default location is "Beijing China".
This step is required for the NMS administrator to view contact information and locations of the equipment administrator when the NMS manages many devices. This helps the NMS administrator to contact the equipment administrators for fault location and rectification.
- (Optional) Run:
snmp-agent packet max-size byte-count
The maximum size of SNMP messages that the device can receive and send is set.
By default, the maximum size of SNMP messages is 12000 bytes.
When the size of an SNMP message is larger than the configured value, the device discards the SNMP message. To ensure that NMS can process SNMP packets properly, set the parameter byte-count based on the maximum size of an SNMP packet that the NMS can process.