Router Installation and Configuration Manual/Configuring Services: SNMP Menu

From ImageStream Router Documentation

(Difference between revisions)
Jump to: navigation, search
Line 1: Line 1:
:This chapter describes how to configure the Simple Network Management Protocol (SNMP) service on the <brand info="co_short_name" /> router.  The SNMP service allows you to access link status, traffic and configuration information via a standard MIB-II-compliant SNMP interface.  The simple network management protocol (SNMP) is an application-layer protocol that allows devices to communicate management information.  This chapter describes the basic configuration of the syslocation, syscontact and community variables. More advanced configurations are possible.   
:This chapter describes how to configure the Simple Network Management Protocol (SNMP) service on the <brand info="co_short_name" /> router.  The SNMP service allows you to access link status, traffic and configuration information via a standard MIB-II-compliant SNMP interface.  The simple network management protocol (SNMP) is an application-layer protocol that allows devices to communicate management information.  This chapter describes the basic configuration of the syslocation, syscontact and community variables. More advanced configurations are possible.   
-
:This chapter includes the following topics:
+
===SNMP Menu===
-
 
+
-
:* Configuring the SNMP service
+
-
:* Enabling SNMP at boot time
+
-
:* Disabling SNMP at boot-time
+
-
:* Starting the SNMP service
+
-
:* Stopping the SNMP service
+
-
:* Configuration and Usage Examples
+
:After logging in, the main menu is displayed (your menu may look slightly different):  
:After logging in, the main menu is displayed (your menu may look slightly different):  

Revision as of 17:50, 9 September 2010

This chapter describes how to configure the Simple Network Management Protocol (SNMP) service on the ImageStream router. The SNMP service allows you to access link status, traffic and configuration information via a standard MIB-II-compliant SNMP interface. The simple network management protocol (SNMP) is an application-layer protocol that allows devices to communicate management information. This chapter describes the basic configuration of the syslocation, syscontact and community variables. More advanced configurations are possible.

Contents

SNMP Menu

After logging in, the main menu is displayed (your menu may look slightly different):
     ISis-Router main menu 
     1. Configuration menu 
     2. Show interface status 
     3. Advanced 
     4. Router software management 
     5. Backup/Restore 
     6. halt/reboot 
     0. Log off 
Select menu option 1, Configuration and update menu, and press Enter to configure the router. The Configuration menu should appear (your menu may look slightly different):
     Configuration menu 
     1. AAA (Password) Configuration 
     2. Global configuration 
     3. Network interface configuration 
     4. Firewall and QOS configuration 
     5. Service configuration 
     6. Dynamic routing configuration 
     7. Save configuration to flash 
     0. ISis-Router main menu 
Select menu option 5, Service configuration, and press Enter to configure the router's service configuration settings. The Service configuration menu will be displayed (again, your menu may look slightly different):
     Service configuration 
     1. System scheduler (cron), (running) 
     2. Dialout PPP, (stopped) 
     3. IPSec VPN (Free S/Wan), (stopped) 
     4. NetFlow exporter (nprobe), (stopped) 
     5. network interfaces (sand), (running) 
     6. sconsole (mgetty), (running) 
     7. snmp (net-snmp), (stopped) 
     8. ssh (OpenSSH), (running) 
     0. Configuration menu 
Select menu option 7, snmp, and press Enter to configure the router's SNMP settings. The snmp menu will be displayed (again, your menu may look slightly different):
     snmp, (running) 
     1. Configure snmp (net-snmp) 
     2. Enable snmp on boot (Does not start snmp) 
     3. Disable snmp on boot (Does not kill snmp) 
     4. Start snmp 
     5. Stop snmp 
     0. Service configuration 
To configure SNMP, select menu option 1, Configure snmp, and press Enter. This will open the default SNMP configuration file in your default text editor (your file may look slightly different):
# 
# snmpd.conf 
# 
#	    - created by the snmpconf configuration program
#
# SECTION: System Information Setup 
# 
#     This section defines some of the information reported in
# the "system" mib group in the mibII tree. 
# syslocation: The [typically physical] location of the system.
# arguments:   location_string syslocation   Unknown 
# syscontact: The contact information for the administrator
# arguments:   contact_string syscontact   root@localhost 
# SECTION: Access Control Setup 
# 
#     This section defines who is allowed to talk to your running
# snmp agent. 
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid] rocommunity   public 


Configuring the SNMP Service

Simple Network Management Protocol (SNMP) monitoring is used to set and collect information on SNMP-capable devices. This feature is most often used to monitor network statistics such as usage and error rate. If SNMP monitoring is on, the router accepts SNMP queries. If SNMP monitoring is off, all SNMP queries are ignored.
The order of the commands entered into this file is not important. The first step is to set the location variable used by SNMP. This is an optional variable that can be used to identify location, configuration or other information about the system when it is queried via SNMP. The system location variable does not affect the operation of SNMP or the router. Use the syslocation keyword to specify this value. The syntax for this command is:
     syslocation { string } 
The first part of the entry (syslocation) specifies the variable to be set. The second (string) part is the value of the variable. The length of this value should not exceed 256 characters. If more than a single word is used, the value must be quoted. For example:
     syslocation 	"Co-Lo Row 3, Rack 4" 
The syscontact keyword typically specifies the e-mail address, telephone number or other contact responsible for the system. This keyword is also optional and can be up to 256 characters in length. The syscontact command's syntax is:
     syscontact { string } 
If more than a single word is used, the value must be quoted. For example:
     syscontact	"root@localhost Joe Smith 800-555-1212"

Configuring the SNMP Community String

Community strings allow you to control access to the MIB information on selected SNMP devices. The read community strings acts like a simple password to permit access to the SNMP agent information. Any device that is allowed to read or access the MIB information must know the community string specified in the SNMP configuration file. The default read community string is public. The command syntax is:
     rocommunity { string } 
Again, the string may be up to 256 characters and should be limited to a single word. Some SNMP readers do not support community names with space or other nonprintable characters. For example:
     rocommunity   router 
this sets the read community string to router.

Enabling Trap Generation

SNMP v1 and v2 traps can be sent to a monitoring system when critical system events occur such as network interface state changes. To enable SNMP traps some additional parameters must be set.
     trapcommunity { string }
This sets the community to send traps to.
     agentSecName { string }
     rwuser { string }
These add a user for sending v2 traps.
     trapsink { ip address }
The trapsink command specifies v1 traps should be sent to the ip address.
     trap2sink { ip address }
The trap2sink command specifies v2 traps should be sent to the ip address.
     defaultMonitors         yes
Enable default monitoring for trap generation.
     linkUpDownNotifications yes
Generate traps when network interfaces go up/down.
SNMP version 2 trap example
     trapcommunity  public
     trap2sink 5.5.5.2
     agentSecName _internal
     rwuser _internal
     # Activate the standard monitoring entries
     defaultMonitors         yes
     linkUpDownNotifications yes
More information on active monitoring and trap generation is available from the Net-snmp maintainers at http://net-snmp.sourceforge.net/docs/man/snmpd.examples.html#lbAT.
Due to security and network transport issues inherent in SNMP, ImageStream routers do not support write communities. Community strings must be set on SNMP agents so that unauthorized users do not view configuration and status information.
Once you have entered all of the configurations for your site in this file, save the file by pressing Control-X. If you have made changes to the file, the router will prompt you to save the file at the bottom of the screen:
     Save modified buffer (ANSWERING "No" WILL DESTROY CHANGES) Y Yes N No	^C Cancel
Press Y on your keyboard. The router will prompt you for a file name:
     File Name to write: /etc/snmp/snmpd.conf ^C Cancel 
You should accept the default filename. If you choose to save the file in a different location, the router will not automatically locate the file and instate any changes. Press Enter on the keyboard to accept the default. The ^C notation indicates the key combination Control-C. You may press Control-C at any time during the save process to return to the file.
Note: You must save the settings to the router's non-volatile flash memory! If the router is rebooted before saving, your changes will be lost! See Chapter 26, Router Installation and Configuration Manual/Backup/Restore Menu: Managing Configurations for more information.
Once you have saved the file by pressing Enter, the router will return you to the SNMP menu:
     snmp, (running) 
     1. Configure snmp (net-snmp) 
     2. Enable snmp on boot (Does not start snmp) 
     3. Disable snmp on boot (Does not kill snmp) 
     4. Start snmp 
     5. Stop snmp 
     0. Service configuration

Enabling SNMP at Boot-time

2. Enable snmp on boot
Selecting this menu option enables the SNMP service when the router is booted. This does not start the SNMP service on the router if it is not running, unless the router is first rebooted. By default, SNMP is disabled on boot. To enable SNMP at boot-time, select this menu option by pressing 2 and Enter. The router will display the following message:
     snmp enabled on boot. 
If SNMP has already been enabled on boot, the router will display the following message:
     snmp already enabled on boot. 
The resulting message will only be displayed for a few seconds, and then you will be returned to the SNMP menu.


Disabling SNMP at Boot-time

3. Disable snmp on boot
Selecting this menu option disables the SNMP service when the router is booted. This does not stop the SNMP service if it is running, unless the router is first rebooted. To disable SNMP on boot, select this menu option by pressing 3 and Enter. The router will display the following message:
     snmp disabled on boot. 
If SNMP has already been disabled on boot, the router will display the following message:
     snmp already disabled on boot. 
The resulting message will only be displayed for a few seconds, and then you will be returned to the SNMP menu.


Starting the SNMP Service

4. Start snmp
Selecting this menu option starts the SNMP service on the router. Starting SNMP does not automatically enable the SNMP service when the router is booted. To start the SNMP service, select this menu option by pressing 4 and Enter. The router will display the following message:
     Starting snmp...done. 
The message will only be displayed for a few seconds, and then you will be returned to the SNMP menu.

Stopping the SNMP Service

5. Stopping snmp
Selecting this menu option stops the SNMP service on the router. Stopping SNMP does not automatically disable the SNMP service when the router is booted. To stop the SNMP service, select this menu option by pressing 5 and Enter. The router will display the following message:
     Stopping snmp...done. 
The message will only be displayed for a few seconds, and then you will be returned to the SNMP menu.

Returning to the Service Configuration Menu

0. Service configuration
Selecting this menu option returns you to the "Service configuration" menu. To return to the Service configuration menu, press 0 and Enter. The router will display the Service configuration menu:
     Service configuration 
     1. System scheduler (cron), (running) 
     2. Dialout PPP, (stopped) 
     3. IPSec VPN (Free S/Wan), (stopped) 
     4. NetFlow exporter (nprobe), (stopped) 
     5. network interfaces (sand), (running) 
     6. sconsole (mgetty), (running) 
     7. snmp (net-snmp), (stopped) 
     8. ssh (OpenSSH), (running) 
     0. Configuration menu

SNMP Configuration and Usage Examples

Personal tools
Router software releases