H3C S9500 Series Operating instructions

Brand: H3C

Model: S9500 Series

Type: Operating instructions

H3C S9500 Series, a high-performance routing switch, offers advanced capabilities for various network applications. With its robust hardware architecture and comprehensive software features, it excels in scalability, reliability, security, and manageability. The S9500 Series is ideal for large-scale enterprise networks, data centers, and service provider networks, providing a solid foundation for next-generation network services.

Operation Manual – SNMP

H3C S9500 Series Routing Switches Table of Contents

Table of Contents

Chapter 1 SNMP Configuration....................................................................................................1-1

1.1 SNMP Overview.................................................................................................................1-1

1.1.1 SNMP Mechanism ..................................................................................................1-1

1.1.2 SNMP Protocol Version ..........................................................................................1-2

1.1.3 MIB Overview..........................................................................................................1-2

1.2 SNMP Configuration..........................................................................................................1-3

1.3 Trap Configuration.............................................................................................................1-5

1.3.1 Configuration Prerequisites.....................................................................................1-5

1.3.2 Configuration Procedure.........................................................................................1-5

1.4 Displaying and Maintaining SNMP ....................................................................................1-7

1.5 SNMP Configuration Examples.........................................................................................1-7

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-1

Chapter 1 SNMP Configuration

When configuring SNMP, go to these sections for information you are interested in:

z SNMP Overview

z SNMP Configuration

z Trap Configuration

z Displaying and Maintaining SNMP

z SNMP Configuration Examples

1.1 SNMP Overview

Simple network management protocol (SNMP) offers a framework to monitor network

devices through TCP/IP protocol suite. It provides a set of basic operations in

monitoring and maintaining the Internet and has the following characteristics:

z Automatic network management: SNMP enables network administrators to search

and modify information, find and diagnose network problems, plan for network

growth, and generate reports on network nodes.

z SNMP shields the physical differences between various devices and thus realizes

automatic management of products from different manufacturers. Offering only

the basic set of functions, SNMP makes the management tasks independent of

both the physical features of the managed devices and the underlying networking

technology. Thus, SNMP achieves effective management of devices from different

manufactures, especially so in small, high-speed and low cost network

environments.

1.1.1 SNMP Mechanism

An SNMP enabled network is comprised of network management station (NMS) and

Agent.

z NMS is a station that runs the SNMP client software. It offers a user friendly

human computer interface, making it easier for network administrators to perform

most network management tasks. Currently, the most commonly used NMSs

include Sun NetManager and IBM NetView.

z Agent is a program on the device. It receives and handles requests sent from the

NMS. Only under certain circumstances, such as interface state change, will the

Agent inform the NMS.

z NMS manages an SNMP enabled network, whereas Agent is the managed

network device. They exchange management information through the SNMP

protocol.

SNMP provides the following four basic operations:

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-2

z Get operation: NMS gets the behavior information of the Agent through this

operation.

z Set operation: NMS can reconfigure certain values in the Agent MIB (management

information base) to make the Agent perform certain tasks by means of this

operation.

z Trap operation: Agent sends Trap information to the NMS through this operation.

z Inform operation: NMS sends Trap information to other NMSs through this

operation.

1.1.2 SNMP Protocol Version

Currently, SNMP agents support SNMPv3 and are compatible with SNMPv1 and

SNMPv2c.

SNMPv1 and SNMPv2c authenticate by means of community name, which defines the

relationship between an SNMP NMS and an SNMP Agent. SNMP packets with

community names that did not pass the authentication on the device will simply be

discarded. A community name performs a similar role as a key word and can be used to

regulate access from NMS to Agent.

SNMPv3 offers an authentication that is implemented with a User-Based Security

Model (USM for short), which could be authentication with privacy, authentication

without privacy, or no authentication no privacy. USM regulates the access from NMS

to Agent in a more efficient way.

1.1.3 MIB Overview

Management information base (MIB) is a collection of all the objects managed by NMS.

It defines the set of characteristics associated with the managed objects, such as the

object identifier (OID), access right and data type of the objects.

MIB stores data using a tree structure. The node of the tree is the managed object and

can be uniquely identified by a path starting from the root node. As illustrated in the

following figure, the managed object B can be uniquely identified by a string of numbers

{1.2.1.1}. This string of numbers is the OID of the managed object B.

Figure 1-1 MIB tree

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-3

1.2 SNMP Configuration

As configurations for SNMPv3 differ substantially from those of SNMPv1 and SNMPv2c,

their SNMP functionalities will be introduced separately below.

Follow these steps to configure SNMPv3:

To do… Use the command… Remarks

Enter system view

system-view

—

Enable SNMP Agent

snmp-agent

Optional

Disabled by default

You can enable SNMP

Agent through this

command or any

commands that begin with

“snmp-agent”.

Configure SNMP Agent

system information

snmp-agent sys-info

{ contact sys-contact |

location sys-location |

version { all | { v1 | v2c |

v3 }* } }

Optional

The defaults are as

follows:

Hangzhou H3C

Technologies Co., Ltd. for

contact,

Hangzhou, China for

location, and <NONE> for

the version.

Configure an SNMP agent

group

snmp-agent group v3

group-name

[ authentication |

privacy ] [ read-view

read-view ] [ write-view

write-view ] [ notify-view

notify-view ] [ acl

acl-number ]

Required

Add a new user to an

SNMP agent group

snmp-agent usm-user

v3 user-name

group-name

[ authentication-mode

{ md5 | sha }

auth-password

[ privacy-mode { des56 |

aes128 } priv-password ] ]

[ acl acl-number ]

Required

Configure the maximum

size of an SNMP packet

that can be received or

sent by an SNMP agent

snmp-agent packet

max-size byte-count

Optional

1,500 bytes by default

Configure the engine ID

for a local SNMP agent

snmp-agent

local-engineid engineid

Optional

Company ID and device

ID by default

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-4

To do… Use the command… Remarks

Create or update the MIB

view content for an SNMP

agent

snmp-agent mib-view

{ included | excluded }

view-name oid-tree

[ mask mask-value ]

Optional

MIB view name is

ViewDefault and OID is 1

by default.

Follow these steps to configure SNMPv1 and SNMPv2c:

To do… Use the command… Remarks

Enter system view

system-view

—

Enable SNMP Agent

snmp-agent

Optional

Disabled by default

You can enable SNMP

Agent through this

command or any

commands that begin with

“snmp-agent”.

Configure SNMP Agent

system information

snmp-agent sys-info

{ contact sys-contact |

location sys-location |

version { { v1 | v2c | v3 }*

| all } }

Required

The defaults are as

follows:

Hangzhou H3C

Technologies Co., Ltd. for

contact,

Hangzhou, China for

location and <NONE> for

the version.

Config

ure

directl

Config

ure a

comm

unity

name

snmp-agent community

{ read | write }

community-name [ acl

acl-number | mib-view

view-name ]*

Config

ure an

SNMP

group

snmp-agent group { v1 |

v2c } group-name

[ read-view read-view ]

[ write-view write-view ]

[ notify-view notify-view ]

[ acl acl-number ]

Config

ure

SNMP

NMS

acces

s right

Config

ure

indirec

tly

Add a

new

user to

SNMP

group

snmp-agent usm-user

{ v1 | v2c } user-name

group-name [ acl

acl-number ]

Use either approach.

The community name of

SNMPv1 or SNMPv2c is

used in direct

configuration.

The second approach was

introduced to be

compatible with SNMPv3.

Adding a user to a

specified group equals to

the configuration of the

community name of

SNMPv1 and SNMPv2c.

The community name

configured on NMS should

be consistent with the

corresponding username

configured on the Agent.

Configure the maximum

size of an SNMP packet

that can be received or

sent by an SNMP agent

snmp-agent packet

max-size byte-count

Optional

15,00 bytes by default

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-5

To do… Use the command… Remarks

Configure the engine ID

for a local SNMP agent

snmp-agent

local-engineid engineid

Optional

Company ID and device

ID by default

Create or update MIB

view content for an SNMP

agent

snmp-agent mib-view

{ included | excluded }

view-name oid-tree

[ mask mask-value ]

Optional

ViewDefault by default

Caution:

The validity of a USM user depends on the engine ID of the SNMP agent. If the engine

ID used for USM user creation is not identical to the current engine ID, the USM user is

invalid.

1.3 Trap Configuration

SNMP Agent sends Trap messages to NMS to alert the latter of critical and important

events (such as restart of the managed device).

1.3.1 Configuration Prerequisites

Basic SNMP configurations have been completed.

1.3.2 Configuration Procedure

I. Enabling Trap message transmission

Follow these steps to enable Trap packet transmission:

To do… Use the command… Remarks

Enter system view

system-view

—

Set to enable the device

to send Trap packets

globally

snmp-agent trap enable

[ bgp | configuration |

flash | mpls | ospf

[ process-id ]

[ ospf-trap-list ] | standard

[ authentication |

coldstart | linkdown |

linkup | warmstart ]* |

system | vrrp

[ authfailure |

newmaster ] ]

Optional

All types of Trap packets

are allowed by default.

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-6

To do… Use the command… Remarks

Enter interface view

interface interface-type

interface-number

—

Set to enable the device

to send Trap packets of

interface state change

enable snmp trap

updown

Optional

Transmission of Trap

packets of interface state

change is allowed by

default.

Caution:

To enable an interface to send SNMP Trap packets when its state changes, you need

to enable the Link up/down Trap packet transmission function on an interface and

globally. Use the enable snmp trap updown command to enable this function on an

interface, and use the snmp-agent trap enable [ standard [ linkdown | linkup ] * ]

command to enable this function globally.

II. Configuring Trap message transmission parameters

Follow these steps to configure Trap:

To do… Use the command… Remarks

Enter system view

system-view

—

Configure target host

attribute for Trap

messages

snmp-agent target-host

trap address

udp-domain { ip-address

| ipv6 ipv6-address }

[ udp-port port-number ]

params securityname

security-string [ v1 | v2c |

v3 [ authentication |

privacy ] ]

Required

Configure the source

address for Trap

messages

snmp-agent trap source

{ interface-type

interface-number }

Optional

Configure the queue size

for sending Trap

messages

snmp-agent trap

queue-size size

Optional

100 by default

Configure the life for Trap

messages

snmp-agent trap life

seconds

Optional

120 seconds by default

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-7

1.4 Displaying and Maintaining SNMP

To do… Use the command… Remarks

Display SNMP-agent

system information,

including the contact,

location, and version of

the SNMP

display snmp-agent

sys-info [ contact |

location | version ]*

Display SNMP agent

statistics

display snmp-agent

statistics

Display the SNMP agent

engine ID

display snmp-agent

local-engineid

Display SNMP agent

group information

display snmp-agent

group [ group-name ]

Display SNMP v3 agent

user information

display snmp-agent

usm-user [ engineid

engineid | username

user-name | group

group-name ] *

Display SNMP v1 or v2c

agent community

information

display snmp-agent

community [ read |

write ]

Display MIB view

information for an SNMP

agent

display snmp-agent

mib-view [ exclude |

include | viewname

view-name ]

Display the modules that

can send Traps and

whether their Trap

sending is enabled or not

display snmp-agent

trap-list

Available in any view

1.5 SNMP Configuration Examples

I. Network requirements

z The NMS connects to the agent, a switch, through an Ethernet.

z The IP address of the NMS is 129.102.149.23/16.

z The IP address of VLAN interface on the switch is 129.102.0.1/16.

z On the switch, configure the following: community name, access right,

administrator ID, contact, location, enabling sending of Trap messages.

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-8

II. Network diagram

Figure 1-2 Network diagram for SNMP

III. Configuration procedure

1) Configuring SNMP Agent

# Configure the community name, the SNMP agent group, and SNMP agent user.

<Sysname> system-view

[Sysname] snmp-agent sys-info version all

[Sysname] snmp-agent community read public

[Sysname] snmp-agent community write private

[Sysname] snmp-agent mib-view include internet 1.3.6.1

[Sysname] snmp-agent group v3 managev3group write-view internet

[Sysname] snmp-agent usm-user v3 managev3user managev3group

# Configure the IP address of VLAN-interface 2 as 129.102.0.1/16 for network

management. Add port Ethernet 2/1/3 used for network management to VLAN 2.

[Sysname] vlan 2

[Sysname-vlan2] port ethernet 2/1/3

[Sysname-vlan2] interface Vlan-interface 2

[Sysname-Vlan-interface2] ip address 129.102.0.1 255.255.0.0

[Sysname-Vlan-interface2] quit

# Configure the system information of the switch.

[Sysname] snmp-agent sys-info version all

[Sysname] snmp-agent sys-info contact Mr.Wang-Tel:3306

[Sysname] snmp-agent sys-info location telephone-closet,3rd-floor

# Enable the sending of Trap messages to the NMS with an IP address of

129.102.149.23/16, using public as the community name.

[Sysname] snmp-agent trap enable

[Sysname] snmp-agent target-host trap address udp-domain 129.102.149.23

udp-port 5000 params securityname public

Operation Manual – SNMP

H3C S9500 Series Routing Switches Chapter 1 SNMP Configuration

1-9

2) Configuring SNMP NMS

SNMPv3 uses authentication and privacy security model. In NMS, the user needs to

specify username and security level, and based on that level, configure the

authentication mode, authentication password, privacy mode, privacy password. In

addition, the time-out time and number of retries should also be configured. The user

can inquire and configure the switch through NMS. For detailed information, refer to the

NMS manuals.

 Note:

The configurations on the agent and the NMS must match in order to perform the

related operations.

H3C S9500 Series Operating instructions

H3C S9500 Series Operating instructions

H3C S9500 Series Operating instructions

Related papers

Other documents