SNMP Service Parameters

This chapter describes the parameters in the Simple Network Management Protocol (SNMP) Service. The SNMP parameters determine how you can use another device to access and modify the configuration of the bridge/router. Table 117 lists the SNMP Service parameters and commands.

.

Table 117 SNMP Service Parameters and Commands

Parameters	Commands
COMmunity	ADD, DELete, SHow
CONFiguration	SHow
CONTrol	SETDefault, SHow
MANager	ADD, DELete, SHow
TrapProfile	ADD, DELete, Show

If the bridge/router is used as a Transmission Control Protocol/Internet Protocol (TCP/IP) node on the network, you may need to specify the Internet address for the bridge/router using the -IP NETaddr parameter even if the bridge/router performs Xerox Network Systems (XNS) routing. An Internet address is necessary for the bridge/router to participate in SNMP network management.

Syntax

ADD -SNMP COMmunity <"com.name"> [TRiv] [RO | RW] [GEnr | AUth | ALl | NOne]

DELete -SNMP COMmunity <"com.name">

SHow -SNMP COMmunity

ANYCOM, TRiv, RO, NOne

Description

The COMmunity parameter modifies the list of communities. A community is named by a string of octets and is used for authenticating SNMP messages. A request is valid only if the community name is included in the list. A maximum of six community names is allowed in the request list.

Values

<"com.name">	Represents the community name. This string can be up to 16 characters long; only alphanumeric characters are allowed, and the string must be enclosed within quotation marks (" ").
	Optionally, specify one or more of the following values after the community name with the ADD command.
TRiv	Specifies the authentication scheme. The Trivial scheme is selected by default.
RO | RW	Specifies the access to the management information base (MIB). RO means read-only; RW means read-write access. By default, RO is selected.
GEnr | AUth	Specifies the type of trap to be generated. GEnr means general traps only. AUth means authentication fail traps only.
ALl | NOne	ALl means both general and authentication and enterprise-specific traps as well as enterprise-specific traps. NOne (the default) means no traps are generated for managers using this community string.

There is a reserved com.name called ANYCOM. It allows requests with any community name to be handled. When the community list is checked upon the arrival of a request, the entry under ANYCOM is checked last. If an entry under any other community name is found, the information in that entry is used instead of that under ANYCOM. If traps are configured for ANYCOM, the community name field in the trap PDU is left blank.

The name ANYCOM is case-sensitive and must be entered in uppercase letters in order to function as expected.

Syntax

SHow -SNMP CONFiguration

No default

Description

The CONFiguration parameter displays the values of CONTrol and the SNMP Configuration Table.

Syntax

SETDefault -SNMP CONTrol = ([Manage | NoManage], [Trap | NoTrap])

SHow -SNMP CONTrol

Manage, NoTrap

Description

The CONTrol parameter determines how the SNMP agent operates.

Values

Manage | NoManage	Enables or disables response to incoming requests.
Trap | NoTrap	Enables or disables trap generation.
	Traps can be generated even if NoManage is selected. Authentication failure traps are not generated because all incoming requests are ignored.

Syntax

ADD -SNMP MANager <"com.name"> <IP address> [<mask>] [<TrapProfileName>]

DELete -SNMP MANager <"com.name"> <IP address>

SHow -SNMP MANager

No default

Description

The MANager parameter modifies the list of managers for a community name. If the manager list is empty, any request with a matching community name is allowed. If a manager list is specified, any incoming Internet address must match the Internet address and mask combination in the specified Internet address list. A maximum of ten manager entries per community name are allowed.

Values

<"com.name" >	Specifies the community name whose Internet address list should be updated.
<IP address>	Specifies any Internet address.
<mask>	Specifies the mask, which is used as a wild card and is specified in the Internet address format. By default, mask is 0.0.0.0.
	The bits in the mask and the Internet address have a one-to-one mapping. For example, if a bit in the mask is 1, then the corresponding bit in the incoming Internet address can be 1 or 0. If the bit in the mask is 0, the corresponding bit in the incoming Internet address must match the corresponding bit in the Internet address specified in the ADD MANager command.
TrapProfileName	Adds an SNMP Manager with a specified community string and trap attributes. If a TrapProfileName is used, the TrapProfile corresponding to the TrapProfileName must first be defined. If the TrapProfileName is not defined, the add command will result in an error. If a TrapProfileName is not specified, the "default" profile is used.

Example

To add a manager to the list, enter:

ADD -SNMP MANager "public" 129.213.16.1

Use the SHow -SNMP MANager command to display the SNMP Configuration Table:

------------------SNMP Configuration Table------------------------
Community	Access		Traps	Managers	Masks	TrapProfile
public	R+W		All	129.213.48.58	0.0.0.0	DEFAULT
				129.213.16.1	0.0.0.0	DEFAULT
test1	RO		None	129.213.1.1	0.0.0.0	DEFAULT
				129.213.1.2	0.0.0.0	DEFAULT
3Com	RO		None	130.213.19.24	255.255.00	DEFAULT
---------------------SNMP Trap Profile Table------------------------
ProfileName	Setting
ALL	(All)
AUTH	(AUTH)
DEFAULT	(UseDefault
GEN	(GEnr)
NONE	(NONE)
trap1	(AUTH)

Using the above table, the following requests with community name "public" are valid:

• A read or write request from a manager with Internet address 129.213.16.1 or 129.213.48.58.

With community name "3Com," the requests from managers with the first two bytes of the Internet address as 130.213 and with the highest bit in the third byte set to 1 are considered valid.

If traps are specified, you cannot use wild cards. Traps are generated to all Internet addresses specified in the list.

To delete a manager entry in the list, use the DELete command.

To display the SNMP Configuration Table, use the SHow command. The SNMP Configuration Table displayed is the same as the one displayed by the SHow -SNMP COMmunity command.

Syntax

ADD TrapProfile "<TrapProfileName>" [AUDitLog] [AUTH] [Dot1dBridge] [DLSw] [DLSWSna] [FrameRelay] [GEnr] [ISDN] [PATH [PORT] [REMote] [RMon] [SDLC] [SYS] [VPN]\

DELete TrapProfile "<TrapProfileName>"

SHow -snmp TrapProfile

None

Description

The TrapProfile parameter allows users to add or delete trap profiles. The settings are associated with a profile name and are used when a Manager is configured. There are five predefined profiles. Users are not allowed to change the settings of, or delete the predefined profiles. The following example shows the predefined profiles with their respective settings.

sh -snmp TrapProfile
-------------------SNMP Trap Profile Table-------------------------
ProfileName	Setting
DEFAULT	(UseDefault) Meaning that we use the per community trap setting.
GEN	(Gen)
AUTH	(Auth)
ALL	(ALL)
NONE	(NONE)

Values

TrapProfileName	Allows the user to configure trap settings on a per-Manager basis. If no TrapProfileName is provided when the manager is configured the per community string setting is used.