< Home

Configuring Basic SNMPv1 Functions

Context

For the configuration of basic SNMP functions, steps 1, 4, 5, and 6 are mandatory. After the configuration is complete, basic SNMP communication can be established between the NMS and managed device.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run snmp-agent

    The SNMP agent is enabled.

    By default, the SNMP agent is disabled. Executing the snmp-agent command can enable the SNMP agent, even if no parameter is specified in the command.

  3. (Optional) Run snmp-agent udp-port port-num

    The port number of the SNMP agent is changed.

    The default port number of the SNMP agent is 161.

    This command enhances device security. After this command is run on an SNMP agent connecting to the NMS, ensure that the port number on the NMS is the same as the changed port number. Otherwise, the SNMP agent cannot connect to the NMS.

  4. Run snmp-agent sys-info version v1

    The SNMP version is set to SNMPv1.

    By default, the device supports SNMPv3. After you set the SNMP version to SNMPv1, the device supports both SNMPv1 and SNMPv3, and can be managed by NMSs running SNMPv1 and SNMPv3.

  5. Run snmp-agent community { read | write } { community-name | cipher community-name } [ mib-view view-name | acl { acl-number | acl-name } | alias alias-name ] *, snmp-agent community { read | write } [ cipher ] community-name [ mib-view view-name ] acl-ipv4 { acl-number | acl-name } [ acl-ipv6 { acl-number | acl-name } ] [ alias alias-name ] or snmp-agent community { read | write } [ cipher ] community-name [ mib-view view-name ] acl-ipv6 { acl-number | acl-name } [ alias alias-name ]

    The community name is set.

    By default, no community name exists on the device, and the device checks complexity of community names. If the check fails, the community name cannot be configured. To ensure the security of SNMP community names, you are advised to refrain from using the snmp-agent community complexity-check disable command to disable community name complexity check. The device has the following requirements for community name complexity:

    • The minimum length of a community name is determined by the set password min-length command. By default, a password contains 8 characters.

    • A community name includes at least two kinds of characters, which can be uppercase letters, lowercase letters, digits, and special characters (excluding question marks and spaces). When double quotation marks are used around the string, spaces are allowed in the string.

    To change the access right of the NMS, see Restricting Management Rights of the NMS. Ensure that the community name of the NMS is the same as that set on the agent; otherwise, the NMS cannot access the agent.

  6. Choose one of the following commands according to your network requirements to configure a destination IP address of the traps and error codes sent from the device.

    Before configuring a device to send traps, confirm that the information center has been enabled. The information center can be enabled by running the info-center enable command.

    • To configure a destination IPv4 address for the traps and error codes sent from the device, run the snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number | source interface-type interface-number | [ public-net | vpn-instance vpn-instance-name ] ] * params securityname { security-name | cipher security-name } [ v1 | private-netmanager | notify-filter-profile profile-name | ext-vb ] * command.

    • To configure a destination IPv6 address for the traps and error codes sent from the device, run the snmp-agent target-host trap ipv6 address udp-domain ipv6-address [ udp-port port-number | vpn-instance vpn-instance-name ] * params securityname { security-name | cipher security-name } [ v1 | private-netmanager | notify-filter-profile profile-name | ext-vb ] * command.

    Note the following before running the command:

    • The default destination UDP port number is 162. To ensure secure communication between the NMS and managed devices, run the udp-port command to change the UDP port number to a lesser-known port number.

    • The securityname parameter identifies the devices that send traps on the NMS.

    • If the NMS and managed devices are both Huawei products, the private-netmanager parameter can be configured to add more information to trap messages to help you locate and solve problems more quickly. The additional information includes trap type, serial number, and sending time.

    • If traps sent from a managed device to the NMS need to be transmitted over a public network, the public-net parameter needs to be configured. If traps sent from the managed device to the NMS need to be transmitted over a private network, the vpn-instance vpn-instance-name parameter needs to be configured. This parameter is used to specify a VPN that will take over the transmission task.

  7. (Optional) Run snmp-agent sys-info { contact contact | location location }

    The device administrator's contact information or location is configured.

    By default, the device administrator's contact information is "R&D Beijing, Huawei Technologies Co., Ltd." and location is "Beijing China."

    This step is required for the NMS administrator to view contact information and locations of the device administrator when the NMS manages many devices. This helps the NMS administrator to contact the device administrator for fault location and rectification.

  8. (Optional) Run snmp-agent packet max-size byte-count

    The maximum size of an SNMP packet is set.

    By default, the maximum size of an SNMP packet is 12000 bytes.

    When the size of an SNMP packet is larger than the configured value, the device discards the SNMP packet. To ensure that the NMS can process SNMP packets properly, set the parameter byte-count to the maximum size of an SNMP packet that the NMS can process.

  9. (Optional) Run snmp-agent protocol source-interface interface-type interface-number

    A source interface is configured for receiving and responding to NMS's requests.

    By default, a source interface is randomly selected for receiving and responding to NMS's requests.

  10. (Optional) Run snmp-agent protocol ipv6 source-ip ipv6-address

    A source IPv6 address is configured for receiving and responding to NMS's requests.

    By default, a source IPv6 address is randomly selected for receiving and responding to NMS's requests.

  11. (Optional) Run snmp-agent protocol server [ ipv4 | ipv6 ] disable

    The SNMP IPv4 or IPv6 listening port is disabled.

    By default, the SNMP IPv4 or IPv6 listening port is disabled.

    If ipv4 or ipv6 is not selected, both SNMP IPv4 and IPv6 listening ports are disabled.

    If the managed device only needs to send traps to the NMS but does not need to perform Get/Set operation, SNMP port listening is not required. In this case, run this command so that SNMP no longer processes SNMP packets. Exercise caution when running this command.

Parent Topic: Configuring a Device to Communicate with an NMS Through SNMPv1
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >