Example for Configuring the Device to Communicate with the NM Station Using SNMPv1
Networking Requirements
As shown in Figure 1-9, NMS1 and NMS2 manage devices on the existing network. Since the network is small and has high security, devices are configured to communicate with the NM station using SNMPv1.
A router is added to the network for capacity expansion and monitored by the NMSs. Users want to monitor the router using current network resources. To allow the NMS administrator quickly contact a device administrator to locate and troubleshoot faults on the router, contact information about the device administrator is required to be configured on the device. Based on users' service requirements, the NMS is restricted to manage only DNS nodes on the router.
Configuration Roadmap
Since the network is small and has high security, SNMPv1 can be enabled on the new device. To reduce the workload of the NM station, NMS2 is used to manage the router. NMS1 does not manage the router.
The configuration roadmap is as follows:
Configure SNMPv1 on the router.
Configure user access rights to enable NMS2 to manage DNS nodes on the router.
Configure the trap function on the router to send alarms generated on the router to NMS2. Only modules that are enabled by default can send alarms, which helps locate alarms and prevent unwanted alarms.
Configure contact information about the router administrator to quickly troubleshoot faults when the router fails.
Configure the NM station (only NMS2).
Procedure
- Configure the IP address and route on the router and ensure the route
between the device and the NMS is reachable.
<Huawei> system-view [Huawei] sysname Router [Router] interface gigabitethernet 1/0/0 [Router-GigabitEthernet1/0/0] ip address 10.1.2.1 24 [Router-GigabitEthernet1/0/0] quit [Router] ospf [Router-ospf-1] area 0 [Router-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255 [Router-ospf-1-area-0.0.0.0] quit [Router-ospf-1] quit
- Enable the SNMP agent.
[Router] snmp-agent
- Configure SNMPv1 on the Router.
[Router] snmp-agent sys-info version v1
- Configure access rights of the NM station.
# Configure ACLs, enable NMS2 to manage the Router, and disable NMS1 from managing the Router.
[Router] acl 2001 [Router-acl-basic-2001] rule 5 permit source 10.1.1.2 0.0.0.0 [Router-acl-basic-2001] rule 6 deny source 10.1.1.1 0.0.0.0 [Router-acl-basic-2001] quit
# Configure a MIB view.
[Router] snmp-agent mib-view dnsmib include 1.3.6.1.4.1.2011.5.25.194
# Configure the source interface from which traps are sent.
[Router] snmp-agent trap source gigabitethernet 1/0/0
# Configure an SNMP community name and reference the configured ACLs and the MIB view.
[Router] snmp-agent community write adminnms2 mib-view dnsmib acl 2001
- Configure the trap function.
[Router] snmp-agent target-host trap-paramsname trapnms2 v1 securityname adminnms2 [Router] snmp-agent target-host trap-hostname nms2 address 10.1.1.2 trap-paramsname trapnms2 [Router] snmp-agent trap queue-size 200 [Router] snmp-agent trap life 60 [Router] snmp-agent trap enable
- Configure contact information about the device administrator.
[Router] snmp-agent sys-info contact call Operator at 010-12345678
- Configure the NM station (NMS2).
Set read and write community names on the NMS that uses SNMPv1. For configurations of the NMS, refer to related configuration guides.
Authentication parameter configuration of the NMS must be the same as that of the device. If the authentication parameter configuration of the NMS is different from that of the device, the NMS cannot manage the device. If only the write community name is configured on the device, the read and write community names on the NMS must be the same as the write community name configured on the device.
- Verify the configuration.
After the configuration is complete, run the following commands to verify that the configurations have taken effect.
# Check the configured SNMP version.
<Router> display snmp-agent sys-info version
SNMP version running in the system: SNMPv1
# View the community names.
<Router> display snmp-agent community write
Community name: %^%#$X!5#d+t+OJOXL1[{O2!&Fe&0UZv'@a;R/`Y+kK$4BUGFe)&2YLuM/kMF!HPG5Mzz3DXe2&F%^%# Storage type: nonVolatile View name: dnsmib Acl: 2001 Total number is 1
# Check the configuration of ACLs.
<Router> display acl 2001
Basic ACL 2001, 2 rules Acl's step is 5 rule 5 permit source 10.1.1.2 0 rule 6 deny source 10.1.1.1 0
# Display the MIB view.
<Router> display snmp-agent mib-view dnsmib
View name: dnsmib MIB subtree: hwDnsMIB Subtree mask: Storage type: nonVolatile View type: included View status: active
# Check the target host for alarms.
<Router> display snmp-agent target-host
Traphost list: Target host name: nms2 Traphost address: 10.1.1.2 Traphost portnumber: 162 Target host parameter: trapnms2 Total number is 1 Parameter list trap target host: Parameter name of the target host: trapnms2 Message mode of the target host: SNMPV1 Trap version of the target host: v1 Security name of the target host: %^%#_=XqAFC_94uCS,3'<gYC*ZU6%^%# Total number is 1
# Check contact information about the device administrator.
<Router> display snmp-agent sys-info contact
The contact person for this managed node: call Operator at 010-12345678
Configuration Files
Configuration file of the Router
# sysname Router # acl number 2001 rule 5 permit source 10.1.1.2 0 rule 6 deny source 10.1.1.1 0 # interface GigabitEthernet1/0/0 ip address 10.1.2.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.255 # snmp-agent local-engineid 800007DB03548998F3A458 snmp-agent community write %^%#$X!5#d+t+OJOXL1[{O2!&Fe&0UZv'@a;R/`Y+kK$4BUGFe)&2YLuM/kMF!HPG5Mzz3DXe2&F%^%# mib-view dnsmib acl 2001 snmp-agent sys-info contact call Operator at 010-12345678 snmp-agent sys-info version v1 snmp-agent target-host trap-hostname nms2 address 10.1.1.2 udp-port 162 trap-paramsname trapnms2 snmp-agent target-host trap-paramsname trapnms2 v1 securityname %^%#_=XqAFC_94uCS,3'<gYC*ZU6%^%# snmp-agent mib-view dnsmib include hwDnsMIB snmp-agent trap source gigabitethernet 1/0/0 snmp-agent trap enable snmp-agent trap queue-size 200 snmp-agent trap life 60 snmp-agent # return