Aruba R9G17A User guide

Type
User guide

This manual is also suitable for

AOS-CX 10.12 SNMP/MIB
Guide
All AOS-CX Series Switches
Published: August 2023
Edition: 2
|2
Copyright Information
© Copyright 2023 Hewlett Packard Enterprise Development LP.
This product includes code licensed under certain open source licenses which require source
compliance. The corresponding source for these components is available upon request. This offer is
valid to anyone in receipt of this information and shall expire three years following the date of the final
distribution of this product version by Hewlett Packard Enterprise Company. To obtain such source
code, please check if the code is available in the HPE Software Center at
https://myenterpriselicense.hpe.com/cwp-ui/software but, if not, send a written request for specific
software version and product for which you want the open source code. Along with the request, please
send a check or money order in the amount of US $10.00 to:
Hewlett Packard Enterprise Company
Attn: General Counsel
WW Corporate Headquarters
1701 E Mossy Oaks Rd Spring, TX 77389
United States of America.
Notices
The information contained herein is subject to change without notice. The only warranties for Hewlett
Packard Enterprise products and services are set forth in the express warranty statements
accompanying such products and services. Nothing herein should be construed as constituting an
additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or
omissions contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession,
use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer
Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government
under vendor's standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard
Enterprise has no control over and is not responsible for information outside the Hewlett Packard
Enterprise website.
Contents
Contents
Contents 3
About this document 5
Applicable products 5
Latest version available online 5
Command syntax notation conventions 5
About the examples 6
Identifying switch ports and interfaces 7
Identifying modular switch components 8
SNMP 9
SNMP write: PoE write capabilities 9
SNMP write: VLAN write capabilities 9
SNMP write: Configurations 10
SNMP MIB view 12
Configuring SNMP MIBview 12
SNMP MIB view limitations 13
SNMP traps 13
Configuring SNMP 14
SNMP commands 17
event-trap-enable 17
lldp trap enable 17
mac-notify traps 20
rmon alarm 21
rmon alarm {enable | disable} {index | all} 22
show configuration-changes trap 23
show mac-notify 24
show mac-notify port 24
show rmon alarm 25
show snmp agent-port 27
show snmp community 27
show snmp system 28
show snmp trap 29
show snmp views 29
show snmp vrf 31
show snmpv3 context 31
show snmpv3 engine-id 32
show snmpv3 security-level 33
show snmpv3 users 33
snmp-server agent-port 34
snmp-server community 35
snmp-server community view 37
snmp-server historical-counters-monitor 38
snmp-server host 39
snmp-server response-source 41
snmp-server snmpv3-only 42
snmp-server system-contact 42
snmp-server system-description 43
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 3
Contents |4
snmp-server system-location 44
snmp-server trap 45
snmp-server trap aaa-server-reachability-status 46
snmp-server trap configuration-changes 47
snmp-server trap mac-notify 48
snmp-server trap module 48
snmp-server trap port-security 49
snmp-server trap snmp 50
snmp-server trap-source interface vrf 51
snmp-server trap vsx 52
snmp-server view 53
snmp-server vrf 54
snmpv3 context 55
snmpv3 engine-id 56
snmpv3 security-level 57
snmpv3 user 58
snmpv3 user view 60
Entity MIB support 61
Location of the MIB files on the web 62
Updated MIBs and Traps for AOS-CX 10.12 62
NETWORKING OID 62
LLDP 62
Power Supply 62
System Information 63
OIDs that support SNMP read-write 63
OIDs that support SNMP read-create 64
Support and Other Resources 65
Accessing Aruba Support 65
Accessing Updates 66
Aruba Support Portal 66
My Networking 66
Warranty Information 66
Regulatory Information 66
Documentation Feedback 67
Chapter 1
About this document
About this document
This document describes features of the AOS-CX network operating system. It is intended for
administrators responsible for installing, configuring, and managing Aruba switches on a network.
Applicable products
This document applies to the following products:
nAruba 4100i Switch Series (JL817A, JL818A)
nAruba 6000 Switch Series (R8N85A, R8N86A, R8N87A, R8N88A, R8N89A, R9Y03A)
nAruba 6100 Switch Series (JL675A, JL676A, JL677A, JL678A, JL679A)
nAruba 6200 Switch Series (JL724A, JL725A, JL726A, JL727A, JL728A, R8Q67A, R8Q68A, R8Q69A, R8Q70A,
R8Q71A, R8V08A, R8V09A, R8V10A, R8V11A, R8V12A, R8Q72A)
nAruba 6300 Switch Series (JL658A, JL659A, JL660A, JL661A, JL662A, JL663A, JL664A, JL665A, JL666A,
JL667A, JL668A, JL762A, R8S89A, R8S90A, R8S91A, R8S92A)
nAruba 6400 Switch Series (R0X31A, R0X38B, R0X38C, R0X39B, R0X39C, R0X40B, R0X40C, R0X41A,
R0X41C, R0X42A, R0X42C, R0X43A, R0X43C, R0X44A, R0X44C, R0X45A, R0X45C, R0X26A, R0X27A,
JL741A)
nAruba 8100 Switch Series (R9W94A, R9W95A, R9W96A, R9W97A)
nAruba 8320 Switch Series (JL479A, JL579A, JL581A)
nAruba 8325 Switch Series (JL624A, JL625A, JL626A, JL627A)
nAruba 8360 Switch Series (JL700A, JL701A, JL702A, JL703A, JL706A, JL707A, JL708A, JL709A, JL710A,
JL711A, JL700C, JL701C, JL702C, JL703C, JL706C, JL707C, JL708C, JL709C, JL710C, JL711C, JL704C, JL705C,
JL719C, JL718C, JL717C, JL720C, JL722C, JL721C )
nAruba 8400 Switch Series (JL366A, JL363A, JL687A)
nAruba 9300 Switch Series (R9A29A, R9A30A, R8Z96A)
nAruba 10000 Switch Series (R8P13A, R8P14A)
Latest version available online
Updates to this document can occur after initial publication. For the latest versions of product
documentation, see the links provided in Support and Other Resources.
Command syntax notation conventions
Convention Usage
example-text Identifies commands and their options and operands, code examples,
filenames, pathnames, and output displayed in a command window. Items
that appear like the example text in the previous column are to be entered
exactly as shown and are required unless enclosed in brackets ([ ]).
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 5
About this document |6
Convention Usage
example-text In code and screen examples, indicates text entered by a user.
Any of the following:
n<example-text>
n<example-text>
nexample-text
nexample-text
Identifies a placeholder—such as a parameter or a variable—that you must
substitute with an actual value in a command or in code:
nFor output formats where italic text cannot be displayed, variables
are enclosed in angle brackets (< >). Substitute the text—including
the enclosing angle brackets—with an actual value.
nFor output formats where italic text can be displayed, variables
might or might not be enclosed in angle brackets. Substitute the
text including the enclosing angle brackets, if any, with an actual
value.
|Vertical bar. A logical OR that separates multiple items from which you can
choose only one.
Any spaces that are on either side of the vertical bar are included for
readability and are not a required part of the command syntax.
{ } Braces. Indicates that at least one of the enclosed items is required.
[ ] Brackets. Indicates that the enclosed item or items are optional.
or
...
Ellipsis:
nIn code and screen examples, a vertical or horizontal ellipsis indicates an
omission of information.
nIn syntax using brackets and braces, an ellipsis indicates items that can be
repeated. When an item followed by ellipses is enclosed in brackets, zero
or more items can be specified.
About the examples
Examples in this document are representative and might not match your particular switch or
environment.
The slot and port numbers in this document are for illustration only and might be unavailable on your
switch.
Understanding the CLI prompts
When illustrating the prompts in the command line interface (CLI), this document uses the generic term
switch, instead of the host name of the switch. For example:
switch>
The CLI prompt indicates the current command context. For example:
switch>
Indicates the operator command context.
switch#
Indicates the manager command context.
switch(CONTEXT-NAME)#
Indicates the configuration context for a feature. For example:
switch(config-if)#
Identifies the interface context.
Variable information in CLI prompts
In certain configuration contexts, the prompt may include variable information. For example, when in
the VLAN configuration context, a VLAN number appears in the prompt:
switch(config-vlan-100)#
When referring to this context, this document uses the syntax:
switch(config-vlan-<VLAN-ID>)#
Where <VLAN-ID> is a variable representing the VLAN number.
Identifying switch ports and interfaces
Physical ports on the switch and their corresponding logical software interfaces are identified using the
format:
member/slot/port
On the 4100i Switch Series
nmember: Always 1. VSF is not supported on this switch.
nslot: Always 1. This is not a modular switch, so there are no slots.
nport: Physical number of a port on the switch.
For example, the logical interface 1/1/4 in software is associated with physical port 4 on the switch.
On the 6000 and 6100 Switch Series
nmember: Always 1. VSF is not supported on this switch.
nslot: Always 1. This is not a modular switch, so there are no slots.
nport: Physical number of a port on the switch.
For example, the logical interface 1/1/4 in software is associated with physical port 4 on the switch.
On the 6200 Switch Series
nmember: Member number of the switch in a Virtual Switching Framework (VSF) stack. Range: 1 to 8.
The primary switch is always member 1. If the switch is not a member of a VSF stack, then member is
1.
nslot: Always 1. This is not a modular switch, so there are no slots.
nport: Physical number of a port on the switch.
For example, the logical interface 1/1/4 in software is associated with physical port 4 in slot 1 on
member 1.
On the 6300 Switch Series
nmember: Member number of the switch in a Virtual Switching Framework (VSF) stack. Range: 1 to 10.
The primary switch is always member 1. If the switch is not a member of a VSF stack, then member is
1.
nslot: Always 1. This is not a modular switch, so there are no slots.
nport: Physical number of a port on the switch.
For example, the logical interface 1/1/4 in software is associated with physical port 4 on member 1.
On the 6400 Switch Series
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 7
About this document |8
nmember: Always 1. VSF is not supported on this switch.
nslot: Specifies physical location of a module in the switch chassis.
oManagement modules are on the front of the switch in slots 1/1 and 1/2.
oLine modules are on the front of the switch starting in slot 1/3.
nport: Physical number of a port on a line module.
For example, the logical interface 1/3/4 in software is associated with physical port 4 in slot 3 on
member 1.
On the 83xx, 9300, and 10000 Switch Series
nmember: Always 1. VSF is not supported on this switch.
nslot: Always 1. This is not a modular switch, so there are no slots.
nport: Physical number of a port on the switch.
For example, the logical interface 1/1/4 in software is associated with physical port 4 on the switch.
If using breakout cables, the port designation changes to x:y, where x is the physical port and y is the lane when
split to 4 x 10G or 4 x 25G. For example, the logical interface 1/1/4:2 in software is associated with lane 2 on
physical port 4 in slot 1 on member 1.
On the 8400 Switch Series
nmember: Always 1. VSF is not supported on this switch.
nslot: Specifies physical location of a module in the switch chassis.
oManagement modules are on the front of the switch in slots 1/5 and 1/6.
oLine modules are on the front of the switch in slots 1/1 through 1/4, and 1/7 through 1/10.
nport: Physical number of a port on a line module
For example, the logical interface 1/1/4 in software is associated with physical port 4 in slot 1 on
member 1.
Identifying modular switch components
nPower supplies are on the front of the switch behind the bezel above the management modules.
Power supplies are labeled in software in the format: member/power supply:
omember: 1.
opower supply: 1 to 4.
nFans are on the rear of the switch and are labeled in software as: member/tray/fan:
omember: 1.
otray: 1 to 4.
ofan: 1 to 4.
nFabric modules are not labeled on the switch but are labeled in software in the format:
member/module:
omember: 1.
omember: 1 or 2.
nThe display module on the rear of the switch is not labeled with a member or slot number.
Chapter 2
SNMP
SNMP
Simple Network Management Protocol (SNMP) is an Internet-standard protocol used for managing and
monitoring the devices connected to a network by collecting, organizing, and modifying information
about managed devices on IP networks.
SNMP write: PoE write capabilities
PoE enable
The PoE enable is requested through SNMP to enable the PoE interface. The admin_disable SNMP value
is updated to enable the PoE interface.
PoE disable
The PoE disable is requested through SNMP to disable the PoE interface. The admin_disable SNMP
value is updated to disable the PoE interface.
PoE cycle
The PoE cycle is a feature where you can request a PoE port reset with a timeout ranging from 1 to 60
seconds. The PoE cycle is requested through the SNMP server to disable and enable a PoE interface with
an input timeout of 1 to 60 seconds. The PoE handles the PoE disable and enable events when the SNMP
value is updated for admin_disable correspondingly. It is a one-time operation.
PoE priority
PoE priority handles the power priority to decide the number of ports to be powered up according to the
set priority. This SNMP request sets the PoE interface PoE priority to one of these three values:
ncritical
nhigh
nlow (The default priority is low)
SNMP write: VLAN write capabilities
VLAN Add or Delete
The index for the ieee8021QBridgeVlanStaticTable and dot1qVlanStaticTable is VLAN. To create or delete
a VLAN, either configure:
nieee8021QBridgeVlanStaticRowStatus Mib object in ieee8021QBridgeVlanStaticTable
or
ndot1QBridgeVlanStaticRowStatus Mib object in dot1qVlanStaticTable
Set the value to 4 to create a new VLAN, and set the value to 6 to delete an existing VLAN.
Add or Delete Tagged Port(s) to a VLAN
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 9
SNMP |10
The index for the ieee8021QBridgeVlanStaticTable and dot1qVlanStaticTable is VLAN. To set or clear
port(s) as tagged members for the VLAN, either configure:
nieee8021QBridgeVlanStaticEgressPorts Mib object in ieee8021QBridgeVlanStaticTable
or
ndot1QBridgeVlanStaticEgressPorts Mib object in dot1qVlanStaticTable
Changes to a bit in this object affect per-port and per-VLAN registrar control.
Add or Delete Untagged Port(s) to a VLAN
The index for the ieee8021QBridgeVlanStaticTable and dot1qVlanStaticTable is VLAN. To set or clear
port(s) as untagged members for the VLAN, either configure:
nieee8021QBridgeVlanStaticUntaggedPorts Mib object in ieee8021QBridgeVlanStaticTable
or
ndot1QBridgeVlanStaticEgressPorts Mib object in dot1qVlanStaticTable
Changes to a bit in this object affect the per-port, per-VLAN Registrar control.
Enable or Disable MVRP to Port
The index for the ieee8021QBridgePortVlanTable and dot1qPortVlanTable is port. To enable or disable
port level MVRP status, either configure:
nieee8021QBridgeMvrpEnabledStatus Mib object in ieee8021QBridgePortVlanTable
or
ndot1QBridgeMvrpEnabledStatus Mib object in dot1qPortVlanTable
The value true(1) indicates that MVRP is enabled on the device and false(2) indicates that MVRP is
disabled for all ports on the device.
Add untagged VLAN to a Port
The index for the ieee8021QBridgePortVlanTable and dot1qPortVlanTable is port. To set untagged vlan
for the port, either configure:
nieee8021QBridgePvid Mib object in ieee8021QBridgePortVlanTable
or
ndot1QBridgePvids Mib object in dot1qPortVlanTable
SNMP write: Configurations
Prerequisites
The switch must be configured for external access (such as management interface and IP addressing)
and SNMP enabled (such as SNMPv2 and SNMPv3).
switch(config)# interface mgmt
switch(config-if-mgmt)# no shutdown
switch(config-if-mgmt)# ip static 10.10.10.4/24
switch(config)# snmp-server vrf mgmt
switch(config)# no snmpv3 security-level auth-privacy
switch(config)# snmpv3 user test auth md5 auth-pass plaintext password priv aes
priv-pass plaintext password access-level rw
SNMP set examples
The following examples are executed from an external client communicating through SNMP to the
switch. They describes both command syntax and OID interpretations:
ncopy running-config startup-config
snmpset -v3 -t100 -u test -l authPriv -a md5 -A password -x aes -X password
10.10.10.4 1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 3
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 2
OID Description
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4 Create operation.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 3 Set source type to RunningConfig.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 2 Set destination type to StartupConfig.
ncopy startup-config running-config
snmpset -v3 -t100 -u test -l authPriv -a md5 -A password -x aes -X password
10.10.10.4 1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 2
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 3
OID Description
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4 Create operation.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 2 Set source type to StartupConfig.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 3 Set destination type to RunningConfig.
ncopy REMOTE-URL running-config
snmpset -v3 -t100 -u test -l authPriv -a md5 -A password -x aes -X password
10.10.10.4 1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 1
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 3
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.4.5 i 4
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.6.5 i 1
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.7.5 s "file"
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.9.5 s "10.10.10.1"
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.12.5 s "mgmt"
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.10.5 s "user"
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.11.5 s "password"
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 11
SNMP |12
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.13.5 i 1
OID Description
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4 Create operation.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 1 Set source type to external file.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 3 Set destination type to RunningConfig.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.4.5 i 4 Set protocol to SFTP.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.6.5 i 1 Set file format to CLI.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.7.5 s "file" Set file name.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.9.5 s "10.10.10.1" Set IP from server.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.12.5 s "mgmt" Set VRF.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.10.5 s "user" Set username to authenticate, if applicable.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.11.5 s "password" Set password to authenticate, if applicable.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.13.5 i 1 Enable Notification on completion, if required.
ncopy running-config checkpoint ckpt1
snmpset -v3 -t100 -u test -l authPriv -a md5 -A password -x aes -X password
10.10.10.4 1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 3
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 4
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.5.5 s "ckp1"
OID Description
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.18.5 i 4 Create operation.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.2.5 i 3 Set source type to RunningConfig.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.3.5 i 4 Set destination type to Checkpoint.
1.3.6.1.4.1.47196.4.1.1.3.20.1.0.1.1.5.5 s "ckp1" Set checkpoint name to ckp1.
SNMP MIB view
SNMP MIB view is a group of view subtrees in the MIB hierarchy. A view subtree is identified by the
pairing of an Object Identifier (OID) subtree value with a bit string mask value. Each MIB view is defined
by the view subtrees that is included or excluded from the MIB view. You can use the MIB views to
control the OID range that SNMPv3 users or SNMP v1/v2 community can access.
Configuring SNMP MIBview
The following parameters are required to configure the SNMP MIB view:
nView name - Specifies the name of the SNMP MIB view. View names can support up to a maximum of
32 alphanumeric characters.
nType - Whether to include or exclude the view subtree or group of subtrees from the SNMP MIB view.
nOID - An OID string for the subtree to include or exclude from the SNMP MIB view.
For example, the system subtree is specified by the OID string .1.3.6.1.2.1.1.
nMask - It is an OID mask. The mask is 47 characters in length.
oThe format is xx:xx.... (:). Each OID mask is 16 octets in length.
oAn octet is two hexadecimal characters separated by : (colon). Only hexadecimal characters are
accepted in this field.
For example, OID mask FF:A0 is 11111111:10100000.
SNMP MIB view limitations
An snmpwalk with a community or v3 user attached to context takes precedence over SNMP MIB view. If
the context is attached to the user or community, the SNMP MIB view configured to the v3 user or
community will not take effect.
Example:
snmp view admin system ff included
snmp-server community admin view admin
snmpv3 context new vrf default community admin
snmpv3 user nw_user context new
snmpv3 user nw_user view admin
Aruba proprietary MIB names without :: (double colon) seperated root MIB names are not supported for
SNMP MIB view.
nThe following examples are supported for SNMP MIB view:
snmp-server view user_view .1.3.6.1.4.1.47196.4.1.1.3.11.6.1.1.4 FF included
snmp-server view admin_1 ARUBAWIRED-MODULE-MIB::arubaWiredModuleName FF included
nThe following example is not supported for SNMP MIB view:
snmp-server view new_view arubaWiredModuleName included
SNMP traps
Event log traps
When SNMP is configured, interface daemons event log messages for link-up and link-down events will
be sent as traps.
Event log trap OID: 1.3.6.1.4.1.47196.4.1.1.3.4.1.1
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 13
SNMP |14
Parameter OID Description
sysUpTimeInstance 1.3.6.1.2.1.1.3.0 Contains the uptime for the system in
centiseconds
snmpTrapOID 1.3.6.1.6.3.1.1.4.1 Contains the OID for the event log trap
eventIndex 1.3.6.1.2.1.16.9.1.1.1 Contains an index that uniquely identifies
an event
eventDescription 1.3.6.1.2.1.16.9.1.1.2 Contains the event log message
Link-up and link-down traps
Standard IF-MIB link-up and link-down traps will be sent on link-state change when an interface is
configured using trap link-status or when user_config:link_state_snmp_trap is set to true. The
trap sends the current information for ifindex, admin status, operational status, and interface name.
Link up trap OID: 1.3.6.1.6.3.1.1.5.4
Link down trap OID: 1.3.6.1.6.3.1.1.5.3
Parameter OID Description
sysUpTimeInstance 1.3.6.1.2.1.1.3.0 Contains the uptime for the system in
centiseconds
snmpTrapOID 1.3.6.1.6.3.1.1.4.1 Contains the OID for the link up or
linkdown trap
ifIndex 1.3.6.1.2.1.2.2.1.1.X Contains the ifindex for the interface
ifAdminStatus 1.3.6.1.2.1.2.2.1.7.X Contains the admin status for the interface
ifOperStatus 1.3.6.1.2.1.2.2.1.8.X Contains the operational status for the
interface
ifDescr 1.3.6.1.2.1.2.2.1.2.X Contains the name for the interface
Configuring SNMP
SNMP agent provides read-write access for specific OIDs. Refer OIDs that support SNMP read-write for
the list of OIDs that supports read-write operations.
Best practices is to use a 5-second (-t5) timeout in a scaled environment, when the network traffic is high or
when there is significant load on the switch.
Procedure
1. SNMP is not enabled on the switch by default, unless the user enables it over any available VRF or
with the default/mgmt VRF using the command snmp-server vrf <NAME>. For example, use the
command snmp-server vrf mgmt to enable SNMP on the management interface. Use the
command snmp-server vrf default to enable SNMP on the default VRF. Use the command
snmp-server vrf <USERDEFINED_VRF_NAME> to enable SNMP on the user created VRF.
2. Set the system contact, location, and description for the switch with the following commands:
nsnmp-server system-contact
nsnmp-server system-location
nsnmp-server system-description
You can also set the system location and system contact values using SNMP.
3. If required, change the default SNMP port on which the agent listens for requests with the
command snmp-server agent-port.
4. By default, the agent uses the community string public to protect access through SNMPv1/v2c.
Set a new community string with the command snmp-server community.
5. Configure the trap receivers to which the SNMP agent will send trap notifications with the
command snmp-server host.
6. Create an SNMPv3 context and associate it with any available SNMPv3 user to perform context
specific v3 MIB polling using the command snmpv3 user <V3_USERNAME> context <CONTEXT_
NAME>.
7. Create an SNMPv3 context and associate it with an available SNMPv1/v2c community string to
perform context specific v1/v2c MIB polling using the command snmpv3 context <CONTEXT_
NAME> vrf <VRF_NAME> community <COMMUNITY_NAME>.
8. Review your SNMP configuration settings with the following commands:
nshow snmp agent-port
nshow snmp community
nshow snmp system
nshow snmpv3 context
nshow snmp trap
nshow snmp vrf
nshow snmpv3 users
nshow tech snmp
Example 1
This example creates the following configuration:
nEnables SNMP on the out-of-band management interface (VRF mgmt).
nSets the contact, location, and description for the switch to: JaniceM,Building2,LabSwitch.
nSets the community string to Lab8899X.
switch(config)# snmp-server vrf mgmt
switch(config)# snmp-server system-contact JaniceM
switch(config)# snmp-server system-location Building2
switch(config)# snmp-server system-description LabSwitch
switch(config)# snmp-server community Lab8899X
Example 2
This example creates the following configuration:
nCreates an SNMPv3 user named Admin using sha authentication with the plaintext password
mypassword and using des security with the plaintext password myprivpass.
nAssociates the SNMPv3 user Admin with a context named newContext.
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 15
SNMP |16
switch(config)# snmpv3 user Admin auth sha auth-pass plaintext mypassword priv des
priv-pass plaintext myprivpass
switch(config)# snmpv3 user Admin context newContext
Chapter 3
SNMP commands
event-trap-enable
event-trap-enable
no event-trap-enable
Description
Enables the notification of events to be sent as traps to the SNMP management stations. It is enabled by
default.
The no form of this command disables the event traps.
Examples
Enabling the event traps:
switch(config)# event-trap-enable
Disabling the event traps:
switch(config)# no event-trap-enable
Command History
Release Modification
10.07 or earlier --
Command Information
Platforms Command context Authority
All platforms config Administrators or local user group members with execution rights
for this command.
lldp trap enable
lldp trap enable
no lldp trap enable
Description
Enables sending SNMP traps for LLDP related events from a particular interface. LLDP trap generation is
enabled by default on all the interfaces and has to be disabled for interfaces on which traps are not
required to be generated.
The no form of this command disables the LLDP trap generation.
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 17
|18
LLDP trap generation is disabled by default at the global level and must be enabled before any LLDP traps are
sent.
Examples
Enabling LLDP trap generation on global level:
switch(config)# lldp trap enable
Enabling LLDP trap generation on interface level:
switch(config-if)# lldp trap enable
Disabling LLDP trap generation on global level:
switch(config)# no lldp trap enable
Disabling LLDP trap generation on interface level:
switch(config-if)# no lldp trap enable
Displaying LLDP global configuration:
switch# show lldp configuration
LLDP Global Configuration
=========================
LLDP Enabled : No
LLDP Transmit Interval : 30
LLDP Hold Time Multiplier : 4
LLDP Transmit Delay Interval : 2
LLDP Reinit Timer Interval : 2
LLDP Trap Enabled : No
TLVs Advertised
===============
Management Address
Port Description
Port VLAN-ID
System Description
System Name
LLDP Port Configuration
=======================
PORT TX-ENABLED RX-ENABLED INTF-TRAP-ENABLED
--------------------------------------------------------------------------
1/1/1 Yes Yes Yes
1/1/2 Yes Yes Yes
1/1/3 Yes Yes Yes
1/1/4 Yes Yes Yes
1/1/5 Yes Yes Yes
1/1/6 Yes Yes Yes
...........
...........
mgmt Yes Yes Yes
Displaying LLDP Configuration for the interface:
switch# show lldp configuration 1/1/1
LLDP Global Configuration
=========================
LLDP Enabled : Yes
LLDP Transmit Interval : 30
LLDP Hold Time Multiplier : 4
LLDP Transmit Delay Interval : 2
LLDP Reinit Timer Interval : 2
LLDP Trap Enabled : No
LLDP Port Configuration
=======================
PORT TX-ENABLED RX-ENABLED INTF-TRAP-ENABLED
--------------------------------------------------------------------------
1/1/1 Yes Yes Yes
Displaying LLDP Configuration for the management interface:
switch# show lldp configuration mgmt
LLDP Global Configuration
=========================
LLDP Enabled : Yes
LLDP Transmit Interval : 30
LLDP Hold Time Multiplier : 4
LLDP Transmit Delay Interval : 2
LLDP Reinit Timer Interval : 2
LLDP Trap Enabled : Yes
LLDP Port Configuration
=======================
PORT TX-ENABLED RX-ENABLED INTF-TRAP-ENABLED
--------------------------------------------------------------------------
mgmt Yes Yes Yes
Command History
Release Modification
10.07 or earlier --
Command Information
AOS-CX 10.12 SNMP/MIB Guide | (All AOS-CX Series Switches) 19
|20
Platforms Command context Authority
All platforms config and config-if Administrators or local user group members with execution rights
for this command.
mac-notify traps
mac-notify traps {aged | learned | moved | removed}
no mac-notify traps {aged | learned | moved | removed}
Description
Configures a Layer 2 interface to generate SNMP trap notifications for up to four different types of
dynamic MAC address related events on the trunk or access in physical or lag interfaces.
The no form of this command removes the traps from the interface.
Parameter Description
aged Notifies when a MAC address aged out on the interface.
learned Notifies when a MAC address is learned on the interface.
moved Notifies when a MAC address moved from the interface.
removed Notifies when a MAC address is removed from the interface.
MAC notification trap addition to or removal from an interface can be in any combination, quantity, or order. The
addition of existing configured traps or removal of non-configured traps will be accepted and ignored.
The mac-notify feature must be enabled globally for any interface configurations to generate SNMP traps.
MAC notification cannot be configured on a Layer 3 (routing) interface. A Layer 2 interface that is changed to a
Layer 3 interface through the routing command will discard any existing MAC notification configurations.
In cases of MACs learned on port-access port-security enabled ports, the move scenario is handled by the
port-access feature through the deletion of the MAC from the old part and installation on the new port. In this
scenario, MAC trap notifications, if enabled, will reflect that by producing removed and learned notifications.
Usage
The following are the limitation for SNMP MAC notify traps:
nSNMP MAC change notification trap is not supported for VxLAN – Overlay hosts.
nMac notify trap will not generate for Static MACs.
nvsx-sync is not supported for this feature. Hence, you must enable the MAC notify traps explicitly on
secondary to ensure the traps are generated.
Examples
MAC notification types and the associated events only apply to Layer 2 interfaces, hence routing might need to
be disabled on the relevant interfaces.
Enabling the traps on an L2 interface:
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67

Aruba R9G17A User guide

Type
User guide
This manual is also suitable for

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI